Protect your Software Before, During and After the Hack
Hackers are increasingly targeting consumer and enterprise mobile, server and desktop apps as attack vectors. Your applications may be at risk for:
- Intellectual Property Theft
- Fraud and Unauthorized Access
- Trust and Brand Damage
- Confidential Data Theft
- Revenue Loss
Here are some things you can do before, during and after the hack:
- Apply Software Protection / Obfuscation
- Inject and Utilize Security State Detection and Response
- Strengthen Legal Efforts
Before - Software Protection / Obfuscation:As an obvious protective measure, audit your software for known and potential security vulnerabilities and remedy them before releasing them “into the wild”. Also, apply techniques such as code obfuscation and hardening to make it materially more difficult to reverse engineer and hack code by breaking the required tools and/or making the output extremely hard for a human to follow.
During - Security State Detection and Response:The application hardening process should also make app much more resistant to tampering. For example, a protected app could detect if a debugger is attached at runtime, or if it has been tampered with in anyway, or it is running on a jailbroken or insecure device, etc. and respond/report appropriately. As an illustration, debug defense can trigger multiple defenses and randomly apply them to further confuse a hacker and possibly, the app itself can be bricked and self-report a potential attack.
After - Strengthen Legal Efforts:Under the recently enacted Defend Trade Secrets Act, a company can pursue claims for trade secret theft in a court and seek remedies. However, to take full advantage of these remedies, companies must identify trade secrets and implement reasonable secrecy measures to protect them. Applying these general rules to software applications, obfuscation and hardening technologies can play a critical role in establishing the required “reasonable efforts” to maintain the secrecy of your IP.
Contact us to schedule a meeting to learn more, to see demo and/or request an evaluation.
Today more than ever, applications are mobile and can be run worldwide. And many useful apps access sensitive data and have value-added functionality within them (such as trade secrets). Because traditional firewall type attacks are much more difficult today, hackers are increasingly targeting both consumer and enterprise mobile and desktop apps as a newer attack vector. So, those apps may be at risk from theft of IP/underlying sensitive data, malware injection and more advanced targeted threats.
There are many ways to get sharp insight into your production applications, including:
Cloud, mobile and distributed software services have made simulating “true” production impossible while production and release cycles have become