AeyeScan to Launch Japan's First Generative AI-Powered Mobile App Vulnerability Diagnostic Feature

AI Security Lab will add an Android app diagnostic feature to AeyeScan using generative AI. By utilizing Vision AI for screen recognition and an autonomous 'Planner' engine, it enables comprehensive testing including backend APIs at lower costs, addressing the shortage of security experts.
New product | NQ 88/100 | Source: PR Times

Published: May 26, 2026 at 17:00

AI Security Lab Co., Ltd., provider of the cloud-based web application vulnerability diagnostic tool "AeyeScan," has announced the upcoming release of a new feature that automates Android app vulnerability diagnostics by using generative AI to understand screens visually, the way a human does.

A next-generation autonomous UI crawler takes over for expert diagnosticians, visually comprehending the app and executing exhaustive security tests, including backend APIs. This solves three major challenges in mobile app development: "lack of experts," "high costs," and "ritualized testing."

### Development Background
Currently, mobile app security diagnostics face a severe "technical gap," including the barrier of manual testing requiring high expertise, limitations of traditional tools dependent on internal code analysis, and the vulnerability of neglected backend APIs.

### Key Features of AeyeScan "Android App Diagnosis"
1. **AI-Driven Screen Analysis**: Leveraging advanced Vision capabilities (like Gemini), it identifies elements like buttons and input fields from screenshots. It allows accurate recognition even in apps with obfuscated code or proprietary UI frameworks.
2. **Autonomous Navigation Engine 'Planner'**: Acting as the command center, the AI determines the next action (click, scroll, end) based on history and status, avoiding infinite loops and ensuring coverage.
3. **Contextual Test Data Generation**: Reads labels and placeholders to dynamically generate optimal input values, allowing the crawler to navigate complex forms that previously required manual input.
4. **Integrated Triple Scanning**: Captures API communication during crawling, performs binary analysis, and scans for vulnerabilities across both client and server sides in one stop.

### Future Outlook
The company aims to evolve security from a specialized niche into a standard process accessible to all developers. Detailed explanations of these AI-driven approaches will be presented at Interop 2026 on June 12 and a company-hosted webinar on July 7.

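### FAQ

What is the most distinctive feature of AeyeScan's new Android app diagnostic feature?

It uses generative AI (the Vision capabilities of Gemini and similar models) to identify screen elements from screenshots the way a human would, and it crawls and diagnoses the app autonomously.

How does it differ from conventional mobile app diagnostic tools?

It does not depend on the internal code analysis that conventional tools rely on. Because it is based on a visual understanding of the screen, it can operate and diagnose accurately even with obfuscated code or proprietary UI frameworks.

Can it also diagnose backend APIs?

Yes. It captures the API information exchanged during automated crawling and, working with the existing diagnostic engine, also scans for server-side vulnerabilities in one stop.

What are the main challenges this feature solves?

It simultaneously solves three challenges in mobile app development: "lack of experts," "high costs," and "ritualized testing."

Is there an opportunity to hear a detailed explanation of the new feature?

It will be explained in detail in a talk at the "Interop 2026" exhibition venue on June 12, 2026, and at a company-hosted webinar on July 7.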