New industry-first capabilities protection mobile communications & the underlying mobile app

September 13, 2018

4 Min Read

PRESS RELEASE

Redwood City, Calif – Sept. 12, 2018 – Appdome, the mobile industry's first no-code, cloud platform for mobile app integration, today announced new advanced security features within its Mobile App Security Feature Set to protect mobile communications and mobile applications from hackers and malicious activity.

Both features are industry firsts – providing new levels of security for Android and iOS apps not found elsewhere in the market. Further, new and existing mobile app security features can be implemented without access to source code, directly to the application binary in seconds, regardless of the development environment used to build the app.

"Mobile threats are increasing in frequency and sophistication, said Avi Yehuda, co-founder and CTO of Appdome. "App makers and mobile developers are demanding two critical things from the industry – more advanced protections to secure mobile communications and shield mobile applications at every level, and faster, more consistent ways of adding these protections."

The first of the new security features adds to Appdome's industry-leading TOTALCode™ Obfuscation solution. The new feature targets at Non-Native applications built in React Native, Cordova or Xamarin. These environments embed the business logic of apps outside of where a traditional iOS or Android application's code resides (i.e. storing business logic of apps in JavaScript and DLL files outside the app's main binary).

With this release, and without writing any code or touching source code at all, Appdome's TOTALCode Obfuscation can now obfuscate and protect the "extra" files deep inside non-native applications, thwarting any malicious agent that wants to extract or reverse-engineer these files. Appdome users can put these new features to use by selecting "File Obfuscation" within TOTALCode; feature set available on Appdome. With this release, Native and Non-Native applications share the same range of mobile app shielding options, including anti-reversing, anti-tampering, anti-debugging, encryption for strings and preferences and more. All app shielding features can be added without any performance tradeoffs or work typically associated with other solutions.

The second of the new security features is called Trusted Session Inspection. Trusted Session Inspection is an advanced Man-in-the-Middle protection model for Android and iOS apps that verifies the SSL connection on the go. The key element of Trusted Session Inspection is the ability to keep track of the SSL session and validate the CA authenticity as it is being sent. Trusted Session Inspection is stateful and has no performance impact on the app. It allows for malicious proxy detection regardless if the proxy is internal or external to the mobile device. It can also prevent an app from resuming unauthorized SSL sessions it did not initiate. With Trusted Session Inspection, Android and iOS apps are protected against all types of attacks, such as malicious proxy, ARP spoofing or any other session hijacking techniques.

Both new features are available now on Appdome. To add these new security features to an Android or iOS app, app makers and mobile developers simply sign in to Appdome's self-service, no-code platform, upload an .ipa (for iOS apps) or .apk (for android Apps), select the desired protections, and click "Fuse My App." In seconds, the new protections are added to each app and the newly secured apps are ready for deployment.

"Better security with less work for all mobile apps has been our motto from the start," Tom Tovar, CEO of Appdome said. "These features extend our leadership in making mobile app security a reality from first use across all Android and iOS apps."

About Appdome

Appdome is a productivity platform for mobile integration, providing the rapid integration of multiple third-party functions to apps, shortening the deployment cycle and connecting mobile apps to other services on demand. The codeless service operates as a mobile integration workflow in the cloud and allows users to perform integration projects on the final application package. No source code or development expertise is required. Likewise, no modifications to an app or an SDK are required to complete integration projects on the platform. The solution is currently used by the world's leading financial, healthcare and e-commerce companies to support productivity, compliance and security for consumers and employees. Appdome was rated a "Cool Vendor" in Mobile Security by Gartner in 2015. The company is based in Silicon Valley, United States and Tel Aviv, Israel. For more information, visit www.appdome.com.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights