PreEmptive Thoughts from Build 2017

May 22, 2017 3084 Views Gabriel Torok

Like so many of us returning from Build 2017, we at PreEmptive are feeling both energized and highly motivated. Energized because of the truly impressive innovation coming out of both Microsoft and our larger ecosystem – and motivated because we can all see the expanding concern around application risk management and data security in this rapidly evolving world – and of course, that is where PreEmptive Solutions comes in.

Microsoft announced (and released) a broad range of software at Build: Improving Azure, Visual Studio, cross platform application development, and DevOps automation and efficiencies. You don’t have to hear about these from us – Microsoft published a nice Build wrap up here. I’m proud to say that PreEmptive Solutions were able to continue our 15+ year tradition of keeping pace with Microsoft’s remarkable cadence with a few announcements of our own.

At Build 2017, we announced

An update of our debug defense capabilities inside Dotfuscator to defend against native debuggers in addition to managed,
Enhancements of our Xamarin integration to significantly simplify and automate our protection there, and
Support for .NET Standard and Dotfuscator CE support for VSTS.

In other words, we also “announced (and released) a broad range software at Build improving Azure, Visual Studio, cross platform application development, and DevOps automation and efficiencies.”

I think my lasting impression of Build 2017 (and I’ve attended every Build so far) will be that the general awareness – even sophistication – around application risk management concepts and practices has never been higher. In fact, in the keynote (see image below) Microsoft noted that a specific key concern developers have is in making sure “their stuff” does not get hacked.

I see this jump in awareness as a direct consequence of the increasing importance of applications in all that we do. The higher the value of an application (and applications in general), the more it is worth protecting. And application developers attending Build certainly demonstrated the high value and impact of the work they’re doing. This is going to be an exciting year.

Data Breaches in 2019: Why the Hackers are Winning (And What You Can do About It)

Hackers are winning. As noted by Information Age, data breach reports are up 75 percent over the last two years — while part of this increase is tied to emerging legislation and disclosure requirements, a quick look at tech headlines makes it clear that attackers are coming out ahead in the fight to keep corporate networks, applications and data secure.

But it’s not all bad news. Armed with knowledge of the current breach landscape — along with actionable insight to protect critical assets — organizations can start to even the score and put hackers on the defensive. Here’s what you need to know.

DashO 9.2 is available for immediate download and includes two powerful new controls:

1) Emulator Check, a new injectable control that

Detects when a hardened app is being executed on an emulator (even if that emulator is not rooted), and
Responds with the one or more pre-defined defenses and/or app-specific defenses – all in real-time.

Butter Knife is an annotation processing library that helps streamline boilerplate Java code in Android views. At compile time, Butter Knife annotations are processed to generate the relevant UI code to make views function properly.

When obfuscating applications that use Butter Knife, there are specific configuration patterns you should follow. The code that connects generated classes to their views uses runtime reflection under the hood. Because of this, the original name of the View is required.

When configuring DashO we need to:

Dotfuscator Pro 4.39 includes MUCH simpler Xamarin Project integration and Anti-tamper and Rooted device controls for Xamarin.Android

Dotfuscator 4.39, available for download, now includes Anti-tamper controls for Xamarin.Android. This feature adds to the growing list of run-time detection and response features that have rapidly emerged as standard controls required for every Android app processing sensitive information or secure transactions.

This release comes less than three weeks after Version 4.38 dramatically simplified the configuration of Dotfuscator within Xamarin projects and just a few months after Dotfuscator added Rooted Device detection and defense controls.

Time is of the essence for application security — the sooner IT teams can detect potential attacks and the longer it takes cybercriminals to crack app code, the better your business outcomes.

But with hackers adapting to overcome infosec efforts and new software vulnerabilities constantly emerging, how do companies gain more time — and give hackers less time — across their application stack?

It all starts with a change in direction: Security needs to shift left.

PreEmptive Thoughts from Build 2017

Data Breaches in 2019: Why the Hackers are Winning (And What You Can do About It)

Android Developers Gain Major App Security Boost with DashO v9.2

Protecting Java Android Applications that use Butter Knife

Xamarin Apps Get Second Major Security Boost With Dotfuscator Pro 4.39

Shift Left: The Case for “Time-Traveling” App Security

Latest Blog Posts

Data Breaches in 2019: Why the Hackers are Winning (And What You Can do About It)

Android Developers Gain Major App Security Boost with DashO v9.2

Protecting Java Android Applications that use Butter Knife

Xamarin Apps Get Second Major Security Boost With Dotfuscator Pro 4.39

Shift Left: The Case for “Time-Traveling” App Security

Twitter

App Protection Blogs

PreEmptive Thoughts from Build 2017

Latest Blog Posts

Twitter