Security vulnerability scanning with Anka Scan

We are excited to announce the general availability (GA) of Anka Scan v1.0.0. As development teams increasingly adopt Infrastructure-as-code for development and production, the incident with Log4J in December 2021 highlighted the importance of security vulnerability scanning in development and production.

Developers will not stop using existing libraries and frameworks; however, organizations will need to adapt processes to look for bugs and vulnerabilities in all third-party code early in the development cycles.

Anka Scan enables iOS development teams to scan all installed third-party libraries and packages in their build and test Anka Build VM macOS images for security vulnerabilities.

Anka Scan works alongside Anka Build to incorporate DevSecOps in iOS CI setups. Anka Build transforms the iOS CI into a more agile infrastructure-as-code that provides at least 50% faster pipeline execution. Anka Scan proactively monitors third-party packages in iOS build and test environments for security vulnerabilities.

Why do you need Anka Scan?

Anka Scan security vulnerability scanning is a new concept for iOS CI workflow. Development teams are running tools like Snyk and others during code commits to flag vulnerabilities in third-party libraries. Some go a step further and don’t allow the download and inclusion of third-party libraries in the code from untrusted sources, only allowing it from internal repositories. When the iOS application code moves forward in the development cycle to the build and test stages, there is no monitoring of security flaws in third-party libraries. Malicious actors can tactfully introduce vulnerability and other security flaws in the third-party package used during the build and test of iOS applications, thus ensuring that those flaws get into the production application package.

It’s imperative to continuously scan for security vulnerabilities in all third-party packages during the build and test of iOS applications.

How does Anka Scan work?

Anka Scan vulnerability scanning will discover all third-party packages and libraries inside Anka macOS VMs that you use for building and testing your iOS apps.

Scanning for vulnerabilities happens primarily against VM stored in the Anka Build Cloud Registry, without the need to run the macOS VMs.

Anka Scan can also perform scanning against the entire Registry storage volume or against selected VMs on the local machine. Anka Scan is a command-line tool that easily integrates into your existing iOS CI/CD process and infrastructure-as-code-based workflow.

Vulnerability scan reports can be output in multiple formats to be ingested by other SOC consoles/systems.

We are looking forward to feedback from our users, and there are more exciting iOS DevSecOps focused tools development underway.

Share this post

Unlocking Superior macOS VM Network Performance: Introducing Anka's new networking mode for Apple Silicon
Large and complex enterprises using Anka have many different demands, and we have worked to continue to develop innovative technology to meet these demands. Enterprise infrastructure hardware is often on the cutting edge, and they need advanced capabilities...
Read More
Anka Cloud Gitlab Executor
Veertu’s Anka and the new Anka Cloud Gitlab Executor Veertu’s Anka is a suite of software tools built on the macOS virtualization platform. It enables the execution of single or multi-use macOS virtual machines (VMs) in a manner similar to Docker....
Read More
Real-Time CVE Scanning of your macOS Build Systems
It’s common that an organization’s macOS build system will download thousands, sometimes tens of thousands of third-party dependencies every hour. When building and testing iOS applications, it typically downloads and installs third-party...
Read More
The ONLY Fully Automated Apple Silicon macOS VM Creation Solution
Starting in Anka 3.1 we announced that Anka is now able to fully automate the macOS installation processes, disabling SIP, and enabling VNC — all previously manual steps users had to perform inside o the VM. At the time of writing this article,...
Read More
Scripting macOS UI User Actions With Anka Click
Starting in Anka 3.2, we’ve introduced a solution for scripting macOS UI user actions. You may ask, “Why would I want to do that?”. Well, often macOS configuration and applications do not have a CLI allowing you to perform certain actions...
Read More
Real-time, continuous scan of file downloads on macOS for security vulnerabilities
Today, we are announcing the Beta availability of the Mac Scan solution. Mac Scan software runs on macOS systems (bare metal, virtual, EC2 Mac) and scans downloads in real time for security vulnerabilities. There are multiple scenarios why you would...
Read More
Screen Shot 2022-10-17 at 10.13
Anka 3.1- Fully automated VM macOS installation & The Behavior-Driven macOS UI Automation Framework
We are very happy to announce the General Availability of Anka 3.1 for Apple Silicon / ARM macs. In this release, we are taking our approach to iOS CI automation one step further by introducing a Behavior-Driven macOS UI Automation Framework in Anka,...
Read More
Migrating from Anka on Intel to Anka on M1 Mac for iOS CI
In this blog, we will cover the key topics for migrating from Anka on Intel to Anka on M1/M2 Macs. Anka is an IaaC solution from Veertu to set up an agile Container like CI for iOS CI using macOS VMs. Anka for Intel uses Apple’s Hypervisor.Framework virtualization...
Read More
World's first Security Vulnerability scanner for EC2 Mac AMIs
We are excited to announce the General Availability of the world’s first security vulnerability scanner for EC2 Mac AMIs. EC2 Mac AMI Scan scans Intel and Apple Silicon macOS EC2 AMIs, detects security vulnerabilities in third-party packages, dependencies,...
Read More
It's time to migrate your iOS CI from ESXi Virtual Mac Infrastructure to native macOS Virtualization
When VMWare ESXi started officially supporting Apple macOS Virtualization on Mac hardware in late 2012, it opened the doors for the possibility of iOS development to move to a Linux-like, agile, scalable CI infrastructure. Soon enough, many iOS enterprise...
Read More