You could Secure Intellectual Property

Reverse engineering managed code is a well understood and common practice.  With reverse engineering tools sitting on literally millions of desktops, binary == source for Java and .NET applications.  There is no technical - and therefore arguably no legal - distinction between distributing compiled applications 'in the clear' and distributing your source code.  What if your applications could actually secure your IP rather than distribute it?

Applications contain programming, process, and industry Intellectual Property (IP). Competitors, pirates, partners, and even prospects can extract, analyze, alter, or derive works based in part or entirely on the hundreds and perhaps thousands of person-days you have invested.  The extent and value of application IP is often overlooked. Examples include

• Key algorithms used inside commercial applications - unmanaged access undermines product differentiation and reduces company value.
• Processes embedded in internally deployed ERP systems - uncontrolled access increases the risk of operational disruption and reduces competitive advantage.
• Application usage conventions and human factor design principles - understanding can be used by phishers to trick end-users into revealing their personal information.
   

Getting ready to release your application and you've just been informed that you must protect against reverse engineering - with days to go and not an hour to spare - what do you do?

Dotfuscator and DashO can be used to obfuscate existing applications without having to rebuild the original application or access the original source. Dotfuscator enables you to link assemblies and instrument tamper defense on binaries, libraries, and other executables on .NET applications.  For Java applications, DashO enables you to package jars and obfuscate binaries.

To further speed deployment and reduce risk, have PreEmptive Solutions configure your application for you.

Are you ready to consistently and appropriately manage the financial, operational, and reputational risks that stem from unauthorized and unmanaged access to source code? The following high-level steps are common practice amongst our 3000+ commercial/corporate client organizations.

• Establish consistent policies to communicate appropriate IP protection requirements.
• Select standard controls and technologies to ensure consistent risk management practices.
• Ensure appropriate levels of protection can be readily applied with minimum side-effects or operational complexity. Condition developers to indicate sensitive and/or high performing code typically via custom attributes (or annotations).
• Ensure all of the above is appropriately reflected within your development methodology, e.g. Agile, etc.
• Modify third party agreements to extend these controls to parties with non-transferable authorized access to source code.

 
Our professional services organization stands ready to share best practices and peer benchmarks to facilitate the definition and assimilation of IP protection policies, practices and technologies specifically designed to align your development practices with your organization's appetite for risk.