We are using the managed workflow at my company and we had a pen test recently. There were some security issues that have been raised. I have managed to fix some of them, but there were some remaining ones. I would like to know if it possible to act on them without ejecting. The issues are the following:
- No SSL pining.
- Clear text traffic is Enabled For App [android:usesCleartextTraffic=true]
- Application Data can be Backed up [android:allowBackup=true]
- Build can be installed and execute on jailbroken devices