Performing Remediation for Discovered Issues

Validate the Finding

  • Review the vulnerability details (file name, code snippet, severity, CVSS score).
  • Confirm whether it is a true positive (sometimes static tools produce false positives).
  • Reproduce the issue manually if needed (especially for high/critical issues).

Classify & Prioritize

  • Categorize by severity (Critical, High, Medium, Low).
  • Prioritize issues involving:
    • Hardcoded secrets
    • Insecure data storage
    • Weak cryptography
    • Insecure network communication (HTTP instead of HTTPS)
    • Exported components without protection
  • Map to standards like OWASP Mobile Top 10 for impact assessment.

Fix the Root Cause in Code

Common examples of vulnerabilities and their remediation actions:

  • Hardcoded API keys: Move secrets to secure backend or use environment/config management
  • Insecure local storage: Use encrypted storage (e.g., Android Keystore / iOS Keychain)
  • Weak crypto (MD5/SHA1): Replace with strong algorithms (AES-256, SHA-256, bcrypt, etc.)
  • Cleartext traffic allowed: Enforce HTTPS and certificate pinning
  • Debuggable app enabled: Disable debug mode in production build
  • Exported activities/services: Restrict with permissions or set exported=false
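As an added example (not code from the original page), the following AndroidManifest.xml and network_security_config.xml fragments apply four of the fixes listed above: debug mode off, cleartext traffic blocked, certificate pinning enabled, and exported components restricted. The package name, domain, permission name and pin digests are placeholders.

```xml
<!-- AndroidManifest.xml (placeholder package name) -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.placeholderapp">

    <!-- Custom permission with signature protection: only apps signed with the
         same key as this app can hold it (name is a placeholder). -->
    <permission android:name="com.example.placeholderapp.permission.INTERNAL"
        android:protectionLevel="signature" />

    <application
        android:debuggable="false"
        android:usesCleartextTraffic="false"
        android:networkSecurityConfig="@xml/network_security_config">

        <!-- Internal activity: not reachable by other apps. -->
        <activity android:name=".SettingsActivity"
            android:exported="false" />

        <!-- Activity that must be exported (it has an intent filter), so it is
             gated behind the signature-level permission declared above. -->
        <activity android:name=".ShareReceiverActivity"
            android:exported="true"
            android:permission="com.example.placeholderapp.permission.INTERNAL">
            <intent-filter>
                <action android:name="android.intent.action.SEND" />
                <category android:name="android.intent.category.DEFAULT" />
                <data android:mimeType="text/plain" />
            </intent-filter>
        </activity>
    </application>
</manifest>

<!-- res/xml/network_security_config.xml -->
<network-security-config>
    <!-- Block HTTP for every domain, not just the pinned one. -->
    <base-config cleartextTrafficPermitted="false" />
    <domain-config>
        <domain includeSubdomains="true">api.example.com</domain>
        <!-- Pin the server's SPKI hashes; keep a backup pin so a certificate
             rotation does not brick the app. Digests below are placeholders. -->
        <pin-set expiration="2030-01-01">
            <pin digest="SHA-256">PLACEHOLDER_PRIMARY_SPKI_BASE64=</pin>
            <pin digest="SHA-256">PLACEHOLDER_BACKUP_SPKI_BASE64=</pin>
        </pin-set>
    </domain-config>
</network-security-config>
```

After rebuilding with these settings, the re-scan in the "Rebuild & Re-scan" step should no longer report the debuggable, cleartext-traffic or unprotected-export findings for these components.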

Apply Secure Configuration

  • Disable unnecessary permissions.
  • Enable certificate pinning.
  • Use ProGuard / R8 (Android) for code obfuscation.
  • Remove sensitive logs before production release.

Rebuild & Re-scan

  • Generate a new build.
  • Re-run scan.
  • Confirm the vulnerability is resolved. This step ensures verification of remediation, not just assumption.

Document & Prevent Recurrence

  • Document the root cause and fix.
  • Add secure coding guideline updates.
  • Integrate MobSF into CI/CD pipeline for continuous scanning (especially relevant if you're already working with CI/CD environments like GitHub Actions or GitLab).

Consider Broader Security Review

If the vulnerability is critical (e.g., authentication bypass, data exposure):

  • Conduct manual penetration testing
  • Review backend APIs
  • Rotate exposed secrets immediately