As Build Envoy works as a remote service to build iOS and Android apps in our server, leveraging a Mac machine (Build Agent) with Xcode and iOS certificate (Distribution License) for the iOS part, we're currently looking into how to integrate AppScan into our infrastructure (Please refer to attached diagram).
1. I would like to understand how AppScan currently handles the scanning of the iOS and Android applications (binary) or source code to identify security vulnerabilities.
2. I'm also interested in finding the way to be able to run the "scanning" process remotely either through a command-line interface or API, if existant, hence automating the app scanning for the user through our system.