Risk
2/24/2010
08:29 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Arxan Launches Application Hardening For Mac Apps

Extends GuardIT software protection solution to encompass applications targeted for the Mac OS X platform

Bethesda, MD — Feb. 23, 2010 — Arxan Technologies, a leading provider of application hardening solutions that protect software applications from attacks to minimize risk to code and intellectual property (IP), today announced it has extended its GuardIT software protection solution to encompass applications targeted for the Mac OS X platform. With the addition of GuardIT for Mac OS X, Arxan offers the industry's most thorough protection for applications across multiple platforms including Windows, Linux, .NET and Java to protect against piracy, tampering, reverse engineering, malware or other forms of attack.

As the Mac platform continues to gain popularity, hackers are increasingly exploiting weaknesses in Mac OS X applications to invade end-user systems. This exploitation leads to application piracy, loss of application integrity, and loss of compliance with digital rights management (DRM) standards. These compromises threaten the business models of multiple industries, including independent software vendors (ISVs), gaming and digital media companies.

"The Mac platform has long been viewed as a safer and more secure than Windows," said Paul Roberts, senior analyst at The 451 Group. "The truth is that Mac's small share of the total OS market explained the rarity of Mac-focused threats. That's changing. The growing popularity and widespread use of Mac in the digital media market makes the platform an attractive target for hackers. Mac developers no longer view themselves as immune to application attacks and are adopting appropriate security measures to protect their code and valuable IP from malicious attacks."

"GuardIT for Mac OS X provides the most durable application hardening with security against reverse engineering and tampering, so software developers and producers can mitigate the risk of exploitable vulnerabilities and loss of revenues," said Mike Dager, chief executive officer of Arxan. "Our code protection solution protects critical algorithms, hardens license management and assists with DRM robustness rules compliance, and this has never been more critical than today when applications are deployed in distributed and untrusted environments that expose code to constant attacks."

Key features and benefits of Arxan GuardIT for Mac OS X include:

  • Diverse and customizable Guard types for code security, including obfuscation, encryption , anti-debug, repair, and checksum

  • Instruction level granularity to fine-tune code protection ranges

  • Binary level security which prohibits changes to the source code and the software development lifecycle (SDLC)

  • Tailored security designs to maintain performance levels, and build in resilience

  • Compatibility with third party license management, and support for Mac OS X versions 10.4, 10.5 and 10.6

    For more information regarding Arxan GuardIT for Mac OS X, please call 301-968-4290 or email info@arxan.com. Arxan will feature its GuardIT for Mac OS X solution at RSA Conference 2010 in San Francisco, March 1-5. Please visit booth number 318.

    In addition to the launch of GuardIT for Mac OS X, Arxan also made available today the following enhancements to the GuardIT platform:

  • Windows 7 Support

  • Windows Server 2008 SP1 Support

  • Anti-debug Wrapper Guard Enhancements

  • .NET Guard Improvements

    About GuardIT

    Arxan's GuardIT for Mac OS X extends Arxan's award-winning GuardIT protection to the Mac operating system. GuardIT is the most user-friendly software IP protection solution available today, integrating easily and smoothly into the software development lifecycle. Arxan's GuardIT offering provides durable protection for software, without adversely affecting application performance through an interconnected mesh of small security units called Guards scattered across a compiled binary and then dissolved into the application. Arxan's protection deeply fortifies the overall software product against piracy, tampering, reverse engineering or other forms of attack.

    About Arxan Technologies Arxan Technologies Inc. is a leading provider of application hardening solutions designed to protect software applications from tampering to minimize risk and maximize profitability. Our advanced software protection solutions secure enterprises, ISVs and digital media providers against unauthorized use, malware insertion, piracy, and reverse engineering of intellectual property. Our products defend, detect, alert and react to attacks through a threat-based, customizable approach that is proven, easy to use and non-disruptive. Arxan supports a full range of application protection needs, from commercial software to governmental cyber security assurance. Founded in 2001, Arxan Technologies has offices in Bethesda, MD, San Francisco, CA and West Lafayette, IN. For more information, please visit www.arxan.com.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    White Papers
    Cartoon
    Current Issue
    Dark Reading Tech Digest, Dec. 19, 2014
    Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
    Flash Poll
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2014-9676
    Published: 2015-02-27
    The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free.

    CVE-2014-9682
    Published: 2015-02-27
    The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.

    CVE-2015-0655
    Published: 2015-02-27
    Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

    CVE-2015-0884
    Published: 2015-02-27
    Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) and Service Station before 2.2.14 allows local users to gain privileges via a Trojan horse application with a name composed of an initial substring of a path that contains a space character.

    CVE-2015-0885
    Published: 2015-02-27
    checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

    Dark Reading Radio
    Archived Dark Reading Radio
    How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.