Devknox - Security Plugin for Android Studio

FAQs

What is Devknox and how does it work?

Devknox is a security plugin for the Android Studio IDE that detects and corrects security issues as you write code, real-time. Simply install the plugin and let Devknox detect, suggest and remediate all your security threats while you code and build your app.

Is Devknox available for both the Android and iOS development platforms?

Devknox is currently available only for the Android Studio IDE. We are currently working on a similar plugin for Xamarin to facilitate usage by iOS developers.

What is the data privacy policy at Devknox? Is my data safe if I use this plugin?

All the security analysis is performed locally on your machine and nothing get's sent to our servers except for verification of your login information. We do not store any of your data and you can be rest assured that it is completely safe within your security parameters.

How is Devknox different from using other static code analyzers?

Most static code analyzers do pretty much the same thing and that is to ensure basic security of an app by analyzing code. However, unlike Devknox, most static code analyzers usually scan the ‘entire app’ during development or after production. Devknox gives you the power to detect threats instantly while coding and enables you to take care of security as you build your app. We all know how time-consuming and difficult it is to go back and fix issues after production.

What is the optimum system requirements needed to use Devknox? Will it cause performance issues in my IDE?

It is suggested to have the recommended system specifications as mentioned by Android Studio/Intellij IDE for smooth running of the IDE along with the Devknox plugin. As long as you have the recommended system requirements Devknox plugin will run fine similar to any other plugin or add-on that you might be using.
What are the security checks that come with Devknox Lite ?

Security checks that come with Devknox Lite are - Debug Logging, Error Logging, Verbose Logging, Debug Logging Function, Error Logging Function, Verbose Logging Function, DES Encryption, Insecure File Access Mode, AES CBC Encryption, AES ECB Encryption, RSA No Padding, AES Encryption Alt, RSA Weak Key Pair Generator, Predictable pseudo random number generator(PRNG), Null Cipher, Unencrypted Socket, Webview With Javascript, Possible TapJacking Attack, Android AllowBackup Vulnerability, Android No AllowBackup Attribute, Android Debuggable Enabled, Unprotected Activity, Unprotected Services, Blowfish Weak Key Pair Generator, Cannonicalize URL, Hardcoded AES Key, External Storage Check, GeoLocation Privacy Breach, Broadcast Sensitive Information

Is Devknox a free to use plugin?

Devknox currently offers Devknox Lite

Devknox Lite - Gives you FREE lifetime access to the Devknox plugin for Android Studio

How many developers from a single company can use Devknox?

There is no limit to the number of developers from any company using Devknox. You can check out our plans in detail HERE

Is my source code secure when I use Devknox?

Your source code is totally secured when you use the Devknox IDE plugin. All security analysis are performed locally on your machine itself and nothing get’s sent to our servers except verifying your login information.

How efficient is the Devknox threat detection system? Will it be a bother to me, showing me unnecessary edit suggestions, when I code?

The Devknox plugin is very efficient in detecting security vulnerabilities as well as providing suggestions for quickfix. Devknox is updated with latest security standards when it comes to detecting security threats. If you are not comfortable with the suggestions or annotations shown by Devknox you can disable or suppress those inspections from the report window. You can even disable inspections from the Settings menu. Refer to documentation(Usage Documentation) for details.