Blog - PreEmptive Solutions

Dotfuscator 4.8.1000 with XAML obfuscation support

July 30, 2010 Written by Michael Letterle 3585 Views

This past Monday we released a significant update of Dotfuscator. After introducing BAML support in 4.7.1000, we are proud to announce that starting with version 4.8.1000 you can now also obfuscate embedded XAML resources, allowing significant improvement in protecting Silverlight applications.

PreEmptive is doing its part to help the Vancouver Winter Olympics go off smoothly.

February 19, 2010 Written by Gabriel Torok 2917 Views

Application Intrusion Detection

August 19, 2009 Written by Gabriel Torok 3323 Views

I recently worked with a UNIX security expert setting up a small pile of servers. We hired him to handle the total system security of the servers as those servers would be charged with storing highly sensitive customer data. In fact, the vendor for this data had very strict requirements as to how we were allowed to store this data. The requirements (something similar to PCI Level I) were dictated in a 40 page document where one of the rules literally required a monitored camera to be shining directly on the primary database server at all times.

How to sell to over one million .NET developers with VS 2010 and VSTS 2010

June 15, 2009 Written by Sebastian Holst 3072 Views

Dotfuscator and MSBuild

April 30, 2009 Written by Bill Leach 6453 Views

This is the first in a series of what I hope to be informative postings around the theme of “Dotfuscator Tips, Tricks, and HOWTOs”. Today's topic, if you missed the title, is MSBuild integration. Dotfuscator Pro ships with an MSBuild task that is by default installed into the MSBuildExtensionsPath directory (e.g. C:\Program Files\MSBuild) under “PreEmptiveDotfuscator4.0”. In this directory, you will also find PreEmptive.Dotfuscator.Targets, the file that contains a common definition for the “Dotfuscate” target.

How do you get $5 from every .NET developer on the planet?

April 6, 2009 Written by Sebastian Holst 3435 Views

Page 10 of 10

Free Trial

Request Quote

Request Demo

"Leaky Apps” Are Draining Your Data — Here’s How You Plug the Hole

All apps are vulnerable. That’s the takeaway from a recent Trustwave report, which found that 100 percent of web applications could be compromised in a cyberattack. Combined with the uptick in mobile malware, account takeover fraud and blockchain-based attacks, companies spend most of their time fending off new attacks while trying to keep current apps up and running.

The result? It’s easy to assume that when applications aren’t directly under attack, they’re effectively safe. The truth? More code handling more data increases the risk of “leaky apps” — applications which unwittingly expose sensitive data to prying eyes.

Here’s how you plug the holes.

Anyone developing software applications today can easily feel overwhelmed by the persistent security threats their products face from application counterfeiting and malware injection to theft of services and confidential information. This article discusses some of ways hackers go about their dirty deeds and how to achieve a balanced perspective on application risk and risk management allowing you to release applications with greater confidence. Gaining this confidence requires a deeper knowledge of the risks and potential remedies.

With our recent DashO releases, we’ve been working to make our Android support even easier to use. A great example of this is our evolved support for Crashlytics, which is an analytics framework that can provide detailed reports on application crashes from the field.

When applications have been obfuscated, the stack traces will contain obfuscated class and method names. To prevent this from complicating debugging, Crashlytics provides a utility to automatically deobfuscate stack traces, so that the reporting server shows the original class and method names. It does so by reading the map file, which is a file created by the obfuscation tool to pair the obfuscated class and method names with the original names. Crashlytics expects this map file to be in a ProGuard-compatible format, which differs from the DashO map file format.

If you were using Crashlytics with a version of DashO prior to our 8.5, this would likely have caused issues. You might have experienced an error during the Gradle build, from the Crashlytics plugin:

Applications are vulnerable. Eighty-six percent of web apps have access control and authentication issues, while 80 percent of mobile apps may unwittingly expose critical vulnerabilities. As noted by Dark Reading, even traditionally “safe” digital environments such as industrial control systems (ICS) are now at risk — more than 50 percent of ICS/SCADA applications available through reputable app stores contain serious authorization flaws.

The result? Companies are looking for new ways to defend web and mobile apps that go beyond standard testing practices and empower real-time response. Enter Runtime Application Self-Protection (RASP) which is designed to detect app attacks as they happen. Over the last few years, the market for this technology has diversified and evolved; recent data puts the RASP market on track for 50 percent CAGR over the next four years.

Over the past year, we have seen an influx of developers looking to replace existing ProGuard and DexGuard implementations with DashO. While the three products are conceptually similar, we have found that there are important differences between the products, and those differences can lead to unexpected migration issues. This article summarizes many of the tips and techniques our support team has been refining, to shorten your learning curve and simplify your migration.

This article:

Provides a logical mapping of features between the three products.
Recommends specific patterns to:
- Simplify and shorten your migration.
- Improve the strength and effectiveness of your application protection.
- Optimize and automate ongoing app protection to reduce the cost and complexity of maintaining protection.

Dotfuscator 4.8.1000 with XAML obfuscation support

PreEmptive is doing its part to help the Vancouver Winter Olympics go off smoothly.

Application Intrusion Detection

How to sell to over one million .NET developers with VS 2010 and VSTS 2010

Dotfuscator and MSBuild

How do you get $5 from every .NET developer on the planet?

"Leaky Apps” Are Draining Your Data — Here’s How You Plug the Hole

Five Evil Things a Hacker Does to Your App

Protecting Android Applications That Use Crashlytics

RASP Deep Dive: Hype Versus Reality

Migrating from ProGuard or DexGuard to DashO

Latest Blog Posts

"Leaky Apps” Are Draining Your Data — Here’s How You Plug the Hole

Five Evil Things a Hacker Does to Your App

Protecting Android Applications That Use Crashlytics

RASP Deep Dive: Hype Versus Reality

Migrating from ProGuard or DexGuard to DashO

Latest News

Dotfuscator Adds Rooted Device Controls to Meet Exceptional Xamarin.Android Demand

Microsoft Build 2018

PreEmptive Solutions Launches GDPR Compliance Relief Program

Protecting Your Xamarin Apps with Dotfuscator

Third Major Dotfuscator Community Edition Release in 12 Months Expands Real-time Defense and Streamlines Xamarin Integration

Twitter

App Protection Blogs

Latest Blog Posts

Latest News

Twitter