In a recent developer survey, Xamarin.Android developers were 50% less likely to have included rooted device detection or anti-tamper prevention as their Java Android peers were. Yet, both sets of apps are being deployed through the same marketplaces onto the same devices and are governed by the same regulations (PCI, GDPR, HIPAA to name just a few that expect these kinds of controls).Why are more Xamarin.Android apps going unprotected?
Whether you're using Azure Pipelines, TeamCity, Jenkins, or your local dev machine, Dotfuscator Professional is easier to integrate than ever before.
Last August, we released an easier, better way to integrate Dotfuscator into your build process. We quickly followed that with new instructions for Xamarin integration - making Dotfuscator the easiest-to-integrate (and still most-effective!) Xamarin protection product, by far.
Today, we're releasing a suite of features and components that make it much easier to provision Dotfuscator into your continuous integration environment, making it easy to use in your automated build, too.
Dotfuscator Pro 4.39 includes MUCH simpler Xamarin Project integration and Anti-tamper and Rooted device controls for Xamarin.Android
Dotfuscator 4.39, available for download, now includes Anti-tamper controls for Xamarin.Android. This feature adds to the growing list of run-time detection and response features that have rapidly emerged as standard controls required for every Android app processing sensitive information or secure transactions.
This release comes less than three weeks after Version 4.38 dramatically simplified the configuration of Dotfuscator within Xamarin projects and just a few months after Dotfuscator added Rooted Device detection and defense controls.
Prevention, detection, and response
Today, Microsoft announced Azure DevOps – Loosely, it is TFS and VSTS, with its services broken out into distinct components that can be used together or separately. The Azure DevOps services are Azure Boards, Azure Repos, Azure Pipelines, Azure Test Plans and Azure Artifacts. When Azure DevOps was VSTS and TFS, we supported integration with PreEmptive’s Dotfuscator. Today, none of that changes. As Azure DevOps evolves, we will continue to improve our integration, so that you can easily add multi-layered protection to your valuable apps.
In Mindset shift to a DevSecOps culture, Buck Hodges, Director of Engineering for Visual Studio Team Services, stressed the importance of both preventing breaches and “assuming breaches. ”In essence, prevention only gets you part of the way there. “Assuming a breach” allows for effective incident detection, response and recovery process planning.
The .NET Conference is right around the corner. Make sure to mark your calendar because this virtual three-day developer event is not one you will want to miss. Included will be a wide variety of live sessions for beginners to advanced developers to attend.
Learn to build and the latest techniques for:
The release of Dotfuscator v4.37 yesterday marks the first big step toward a major goal: to modernize our Visual Studio integration. This release is numbered as a "minor" release - because, as always, we work hard to not make breaking changes - but its significance is actually very major.
Our current Visual Studio integration has always been one of the primary user interfaces for Dotfuscator; nearly half of our users use it, or have used it. Of those users, most are quite happy with it. (So we know that changing it is no small undertaking!)
However, there are some users who can't use it, or for whom it doesn't work very well. Notably, users with especially large projects, or complex build configurations, or more-modern projects that have heavy packaging components (including Xamarin and UWP), have all only had the option of our "standalone GUI" and a custom-made build integration.
First, thanks to PreEmptive for inviting me to do a guest post.
Since you're reading this on preemptive.com, you are already aware and probably concerned with the importance of planning for security in application development. And in this guest blog post, I want to address specifically the security vulnerabilities that legacy applications present to your entire organization.
If the Equifax hack wasn't a wakeup call for your entire appsec team, you're probably headed for an earlier retirement than you might otherwise have planned for.
Applications are under siege. As demonstrated by the recent Equifax breach and many others, hackers leveraged everything from compromised mobile apps to cloud-based vulnerabilities. The result? Enterprise IT teams are recognizing that they’re being targeted – particularly their critical apps.