What “Shift Left” security really means for SDK Vendors

Shift left your application security. Just press the pause button on your continuous delivery pipeline and ask your developers to download our poorly documented SDK…err…actually email our devrel team for the sdk cuz we don’t publish our sdk to the public. It’s kinda top secret. (Plus bill hasn’t finished writing the sdk yet..he’s almost done with the swift version …the objective C version comes out next quarter. We have android fully covered tho if your app is written 100% in Java and you don’t need all the features on day 1. We don’t have a plug-in for c++ yet, but you don’t really need to secure native libraries anyway)….react native you say? Well hmmmm I think you can download a JavaScript obfuscator from GitHub. Just make sure you ask the developer if they fixed all the CVEs…they probly did. Oh flutter? Nah we don’t think flutter is gonna resonate with the dev community so you might wanna avoid that framework.

Anyways we’ll get back to you on Monday once we clear your developers to download our SDK. It’s just 1 line of code, conveniently described in 74 pages of jibberish. There’s even some sample code that gives you a rough approximation of how you might be able to just “drop in” the SDK right quick…it’s just a simple hello world app, but ya know most apps are pretty much the same inside these days, so it should “just work”. Once you get done reading the SDK, give us a ring if you have any issues. We’re standing right by to help!!! SHIFT LEFT!!!!



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store

ALAN BAVOSA is VP of Security Products at Appdome, a no-code mobile app security and development platform.