JSDefender Overview

What is In-App Protection & Obfuscation and how does it apply to JavaScript?

Unlike languages like .NET and Java that are compiled to intermediate, stack-based assembly instructions before being distributed in binary form, JavaScript apps are typically distributed in source form. This means that your code is directly visible to anyone with access to the execution environment (like a browser). So, potential attackers can very easily step through the running code using a debugger built into their browser, or use other tools to statically analyze the code for vulnerabilities.

Does this matter?

  • Does the JavaScript contain code you don’t want competitors to copy or clone?
  • Is there a reason a hacker might want to circumvent some of your checks or actively look for vulnerabilities?
  • Is there risk of harm or reputation damage if the code is modified in a nefarious way? (e.g. to serve malware, or to enable phishing, etc.)

If the answer is “yes” to any of these questions, then consider obfuscating and protecting your JavaScript code.

Why should I obfuscate and protect my JavaScript Apps?

  • To make it more difficult for a hacker to reverse engineer your code
  • To hide business logic and unique algorithms
  • To make it more difficult for a hacker to debug your application and look for vulnerabilities
  • To make it more difficult for an attacker to exploit those vulnerabilities, once found
  • To reduce the code size (minification aspect of obfuscation)
  • To make it more difficult for an attacker to modify or steal your code