Risk
2/24/2010
08:29 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Arxan Launches Application Hardening For Mac Apps

Extends GuardIT software protection solution to encompass applications targeted for the Mac OS X platform

Bethesda, MD — Feb. 23, 2010 — Arxan Technologies, a leading provider of application hardening solutions that protect software applications from attacks to minimize risk to code and intellectual property (IP), today announced it has extended its GuardIT software protection solution to encompass applications targeted for the Mac OS X platform. With the addition of GuardIT for Mac OS X, Arxan offers the industry's most thorough protection for applications across multiple platforms including Windows, Linux, .NET and Java to protect against piracy, tampering, reverse engineering, malware or other forms of attack.

As the Mac platform continues to gain popularity, hackers are increasingly exploiting weaknesses in Mac OS X applications to invade end-user systems. This exploitation leads to application piracy, loss of application integrity, and loss of compliance with digital rights management (DRM) standards. These compromises threaten the business models of multiple industries, including independent software vendors (ISVs), gaming and digital media companies.

"The Mac platform has long been viewed as a safer and more secure than Windows," said Paul Roberts, senior analyst at The 451 Group. "The truth is that Mac's small share of the total OS market explained the rarity of Mac-focused threats. That's changing. The growing popularity and widespread use of Mac in the digital media market makes the platform an attractive target for hackers. Mac developers no longer view themselves as immune to application attacks and are adopting appropriate security measures to protect their code and valuable IP from malicious attacks."

"GuardIT for Mac OS X provides the most durable application hardening with security against reverse engineering and tampering, so software developers and producers can mitigate the risk of exploitable vulnerabilities and loss of revenues," said Mike Dager, chief executive officer of Arxan. "Our code protection solution protects critical algorithms, hardens license management and assists with DRM robustness rules compliance, and this has never been more critical than today when applications are deployed in distributed and untrusted environments that expose code to constant attacks."

Key features and benefits of Arxan GuardIT for Mac OS X include:

  • Diverse and customizable Guard types for code security, including obfuscation, encryption , anti-debug, repair, and checksum

  • Instruction level granularity to fine-tune code protection ranges

  • Binary level security which prohibits changes to the source code and the software development lifecycle (SDLC)

  • Tailored security designs to maintain performance levels, and build in resilience

  • Compatibility with third party license management, and support for Mac OS X versions 10.4, 10.5 and 10.6

    For more information regarding Arxan GuardIT for Mac OS X, please call 301-968-4290 or email info@arxan.com. Arxan will feature its GuardIT for Mac OS X solution at RSA Conference 2010 in San Francisco, March 1-5. Please visit booth number 318.

    In addition to the launch of GuardIT for Mac OS X, Arxan also made available today the following enhancements to the GuardIT platform:

  • Windows 7 Support

  • Windows Server 2008 SP1 Support

  • Anti-debug Wrapper Guard Enhancements

  • .NET Guard Improvements

    About GuardIT

    Arxan's GuardIT for Mac OS X extends Arxan's award-winning GuardIT protection to the Mac operating system. GuardIT is the most user-friendly software IP protection solution available today, integrating easily and smoothly into the software development lifecycle. Arxan's GuardIT offering provides durable protection for software, without adversely affecting application performance through an interconnected mesh of small security units called Guards scattered across a compiled binary and then dissolved into the application. Arxan's protection deeply fortifies the overall software product against piracy, tampering, reverse engineering or other forms of attack.

    About Arxan Technologies Arxan Technologies Inc. is a leading provider of application hardening solutions designed to protect software applications from tampering to minimize risk and maximize profitability. Our advanced software protection solutions secure enterprises, ISVs and digital media providers against unauthorized use, malware insertion, piracy, and reverse engineering of intellectual property. Our products defend, detect, alert and react to attacks through a threat-based, customizable approach that is proven, easy to use and non-disruptive. Arxan supports a full range of application protection needs, from commercial software to governmental cyber security assurance. Founded in 2001, Arxan Technologies has offices in Bethesda, MD, San Francisco, CA and West Lafayette, IN. For more information, please visit www.arxan.com.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    White Papers
    Flash Poll
    Current Issue
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2011-0460
    Published: 2014-04-16
    The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map.

    CVE-2011-0993
    Published: 2014-04-16
    SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.

    CVE-2011-3180
    Published: 2014-04-16
    kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.

    CVE-2011-4089
    Published: 2014-04-16
    The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

    CVE-2011-4192
    Published: 2014-04-16
    kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."

    Best of the Web