Introduction
NowSecure IPs
When to Allowlist NowSecure IPs
Introduction
NowSecure Platform’s Dynamic App Security Testing (DAST) exercises the compiled binary during runtime. DAST monitors memory, storage, and network communications on a real device to determine whether they are properly secured. These real devices are part of Platform’s infrastructure, and their IP addresses may need to be allowlisted in order to enable successful testing and integrations.
NowSecure IPs
| Location | IP |
| NowSecure Chicago |
38.104.181.35 99.124.236.153 |
| NowSecure DC |
70.182.186.106 98.190.221.141 |
| api.nowsecure.com |
44.230.163.92 35.83.122.10 52.10.148.183 54.191.142.107 |
Note: The above list will be updated as NowSecure adds or changes these IP addresses periodically. For questions regarding IP addresses, please reach out to support@nowsecure.com.
When to Allowlist NowSecure IPs
Often development teams may not want pre-production applications to be able to communicate with networks outside of their organization, but still want to run security and privacy assessments with NowSecure Platform. By adding the above IP addresses (also found in the attched file that can be automatically downloaded using a simple cur, NowSecure Platform will be able to exercise your app's functions and identify security risks of the app during a running state.
To add a curl for the allowlist .json, you can use:
curl -s https://support.nowsecure.com/hc/article_attachments/45266578737293 > ~/Downloads/NOWSECURE_IP_WHITELIST.jsonSome examples of scenarios in which IP allowlisting may be required are listed below:
- The scans of the Play and App Store versions of your app successfully complete, but the uploaded version of your app fails the dynamic portion of the testing.
- The scan screenshots show an error notification such as, “Authorized users only” or “Access denied.”
- The scan screenshots show a “port 443” error or a “502” server error.
Comments
Article is closed for comments.