Security

Hero image for Security

Ensuring the security of your Flutter applications is critical to protect sensitive user data, prevent vulnerabilities, and maintain user trust. This documentation outlines several key security measures and best practices that developers can implement to safeguard their apps, from protecting against runtime threats to conducting thorough security testing during development.

OWASP

The OWASP Mobile Top Ten is a standard awareness document that identifies the most critical security risks to mobile applications.

Software Composition Analysis

Software Composition Analysis (SCA) involves identifying and managing open-source libraries and third-party components used in your Flutter application. Since these components can introduce security vulnerabilities, regular monitoring and updates are essential.

Eli CLI

Static Application Security Testing

Static Application Security Testing (SAST) is a code analysis method that scans the application's source code for vulnerabilities before it is executed. SAST helps detect issues such as insecure coding patterns, data leakage, and improper use of cryptographic functions during the development stage.

Dynamic Application Security Testing

Dynamic Application Security Testing (DAST) evaluates an application during runtime by interacting with it as an end user would. This testing method helps uncover vulnerabilities such as authentication flaws, business logic errors, and insecure data transmission that are not easily detected through static analysis.

Observability

Learn about the importance of observability in Flutter applications and how to implement it using logging, monitoring, and tracing.

CI/CD

Learn about the significance of CI/CD in application development and maintenance.