Contact Us Blog Register Login
PreEmptive Solutions -
  • Home
  • Products
    • Application Protection
      • Dotfuscator for .NET
        • Overview
        • Features
        • Compare Editions
        • Videos & Resources
        • Pricing
        • Downloads
      • DashO for Android & Java
        • Overview
        • Features
        • Videos & Resources
        • Pricing
        • Downloads
      • PreEmptive Protection for iOS
        • Overview
  • Support
    • Product Support
      • Dotfuscator for .NET
      • DashO for Java & Android
      • PreEmptive Protection for iOS
      • Analytics APIs
    • Resources
      • Frequently Asked Questions
      • Knowledge Base
      • White Papers
      • Glossary
      • Videos
      • Submit Support Request
  • Solutions
    • App Protection Solutions
      • Mobile Application Protection
      • Desktop & Server App Protection
      • General Data Protection Regulation (GDPR)
      • Security Development Lifecycle
      • Application Integrity Protection
  • Company
    • About
      • Why PreEmptive?
      • About Us
      • Careers
      • News & Events
      • Blog
    • Contact
      • Contact Us
      • Submit Support Request
    • Legal

App Protection Blogs

Managing Application Vulnerabilities (an early peek into improved controls for your code and data)

October 4, 2016 2641 Views Sebastian Holst

I’m working on an application risk management study/survey focusing on the importance of one vulnerability exploit in particular: debugger hacks against production apps. Our initial data set already includes responses from 100+ developers targeting cloud, mobile and desktop platforms from 15+ countries.

A Clear Material Application Risk for a Majority of Development Teams

58% report ongoing, sustained risk management development investments dedicated to mitigate the following material risks:

  • Financial theft
  • Intellectual property theft through application use
  • Intellectual property theft through application tampering and reverse engineering
  • Operational disruption
  • Regulatory and other compliance obligations
  • Unauthorized access to user and business data

Within the development teams that have taken affirmative action to mitigate these risks, 64% have identified unauthorized use of a debugger in production as a material vulnerability.

If you’re interested in getting the final numbers (and a deeper dive into both the risks and controls to effectively mitigate these risks), I expect to be publishing results in the next 1-2 weeks HERE (there's already a link to a related white paper on this page for download too).

Download a Free Trial Button

Categories

  • Dotfuscator

  • Dotfuscator CE

  • DashO

  • Mobile Protection

  • Risk Management

Recent Posts

Effectively Implementing App Protection



Development’s Journey to Effectively Implementing App Protection

Because data is created, accessed, and changed through applications, hardening and shielding your applications is a key component to protecting your data. Adding application protection to your secure software development lifecycle will make it more difficult for people and machines to exploit them. But, what are the factors to consider when thinking about application risk? Effective application risk management is a sustained, consistent practice and technology selection and implementation is a specialized discipline within that practice. The initial steps below offer a roadmap to selecting and implementing application hardening and shielding as a part of a broader application risk management program.

The full Infographic in pdf form is available here.

”
  • Does app have intellectual property?
  • Does app gate access to value?
  • Does app access private information?
  • Is the app subject to regulation?
  • Does app run in an untrusted environment?
Read more

Technology Trust Issues When Running in Untrusted Environments? Try Application Shielding



“Software is eating the world.” The now-famous quote by technology expert Marc Andreessen was relevant in 2011 but seems downright prophetic in 2018 — the rise of web-based, mobile and IoT applications have created a market both massive and ever-changing. Companies know that simply staying competitive requires cutting-edge apps that both streamline the user experience and provide a steady flow of actionable data. But malicious actors also recognize the value of applications — and will do anything they can to compromise, infiltrate or damage business app networks.

It gets worse: According to the Center for Internet Security, “malspam” threats — unsolicited emails that contain malicious links or attachments — remain the number one attack vector for cybercriminals. Why? Because despite their simplicity, these attacks succeed. As noted by SC Magazine, meanwhile, 80 percent of IoT applications still aren’t tested for security vulnerabilities.

Read more

Managing Risk is More Important Now Than Ever



I just read the Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2018.

Forrester reminds us all that “Risk and compliance management is more important than ever, thanks to the increasingly intangible nature of business value and the growing risk of violating customer trust.”

Read more

Emerging App Security Regulations: Are You Compliant?



IT security is a hot topic, and no wonder — major healthcare, finance and government breaches have all made headlines in recent months prompting both federal agencies and compliance organizations to draft new security standards. As noted by Tech Target, regulations under Sarbanes-Oxley, PCI-DSS and HIPAA all lay out clear expectations for companies when it comes to protecting network assets, personal data and critical infrastructure.

Software, meanwhile, has historically escaped the reach of these regulations, largely thanks to the rapid uptake of mobile and web-based applications: The sheer number and type of cloud-enabled offerings and now IoT-connected software made it difficult for governing bodies and compliance agencies to define meaningful standards that improved overall security. But, just as cloud computing went through a “wild west” period of rapid expansion followed by increasing scrutiny and regulation, software and application development is now on the receiving end of emerging security regulations.

Read more

An app hardening use case: Filling the PCI prescription for preventing privilege escalation in mobile apps



Preventing Privilege Escalation in mobile payment apps (PCI Mobile Payment Acceptance Security Guidelines Section 4.3)

Regulators, standards bodies and IT auditors have become increasingly likely to recommend an absolute prohibition of rooted Android devices in production environments. As the 2017 PCI Mobile Payment Acceptance Security Guidelines state, “Bypassing permissions can allow untrusted security decisions to be made, thus increasing the number of possible attack vectors.”

It is only natural that the apps themselves rise up to act as a ubiquitous governance, risk, and compliance management layer – preventing, detecting, responding, and reporting on threats - including those posed by unauthorized rooted devices.

Read more

Popular Tags

.net native android application security asp.net cli debug protection dotfuscator dotfuscator ce dtsa

preemptive logo

 

 

767 Beta Dr. Suite A
Mayfield Village, OH 44143

Tel: +1 440.443.7200

solutions@preemptive.com

Latest Blog Posts

Effectively Implementing App Protection

March 14, 2018
Read more

Technology Trust Issues When Running in Untrusted Environments? Try Application Shielding

February 27, 2018
Read more

Managing Risk is More Important Now Than Ever

February 20, 2018
Read more

Emerging App Security Regulations: Are You Compliant?

February 16, 2018
Read more

An app hardening use case: Filling the PCI prescription for preventing privilege escalation in mobile apps

February 8, 2018
Read more

Latest News

PreEmptive Solutions Launches GDPR Compliance Relief Program

November 15, 2017
Read more

Protecting Your Xamarin Apps with Dotfuscator

September 21, 2017
Read more

Third Major Dotfuscator Community Edition Release in 12 Months Expands Real-time Defense and Streamlines Xamarin Integration

May 10, 2017
Read more

DashO 8.0 for Java and Android Ships with Advanced Real-time Application and Data Controls

November 28, 2016
Read more

Dotfuscator® Community Edition Expanded to Include Advanced Application and Data Protection Controls

November 16, 2016
Read more

Twitter

Are you at #RSAC? Then come see us at Booth 3241 North to see how we can help protect your app. https://t.co/NWme0Yst0R Apr 17 • reply • retweet • favorite

Copyright © 2018 PreEmptive Solutions

  • Home
  • Contact Support
  • Blog
  • Contact
  • Sitemap
Scroll to Top