At runtime, threat actors can employ a variety of techniques to analyze and modify the app. Today, it is easier than ever before for a malicious user to deploy various techniques like jailbreaking, rooting, hooking, and more in order to steal decryption keys, intercept communication to servers and more.
Threat actors tamper with mobile apps for a variety of ends, such as to unlock hidden or premium functions, repackage apps to steal confidential data or learn more about the application at runtime to support reverse engineering attempts. Gaining protection against dynamic analysis is essential. Combined with protection against static analysis, protection against runtime attacks helps to prevent these outcomes, preserve your app’s integrity and your brand’s reputation.
Guardsquare’s polymorphic approach ensures that every app’s build comes with a unique combination of check locations and exact checks, as every RASP integrity can be validated with a diverse palette of specific checks. And as an app developer you have full control over which parts of your app not to touch, or to touch more aggressively. For additional protection, code hardening is automatically applied to all inject locations.
Too often delayed to the end of the development lifecycle, security needs to be considered right from the start. As your app development progresses, testing, feedback and monitoring helps you to ensure the highest possible level of security.
Locale X, a popular Android app for automating device settings, was struggling with modified, pirated versions of the app. Using DexGuard and ThreatCast, Locale X was able to protect their intellectual property, prevent reverse engineering and monitor ongoing threats.Learn More
Pirates were creating extra work for Carter Jernigan, founder of two forty four a.m. and developer of Locale, by increasing server load and impacting the customer experience.
Using DexGuard to obfuscate code, Jernigan was able to protect his intellectual property, while ThreatCast enabled him to keep an eye on how users were interacting with the app.
“I let DexGuard do the optimizing for me,” said Jernigan. “It makes the engineering process a lot easier, and the app is more secure and faster, too. [...] We have a clearer sense of how to help users during support requests, like if they’re running in an environment that might be causing problems."