Solution Briefs

Application Protection for iOS Solution Brief

Issue link: https://read.uberflip.com/i/1254761

Contents of this Issue

Navigation

Page 0 of 1

Solution Brief Digital.ai | Digital.ai Application Protection for iOS iPhones and iPads are primary customer touch points across all industries, and as a result, have created an expansive attack surface. The Apple App Store alone offers millions of apps to end users to download to their iOS devices — outside any secure perimeter — and run them in zero-trust environments. Today's cybercriminals are exploiting this distribution environment to expand their operations to attack mobile apps for financial gain by stealing customer identities, intellectual property, or by gaining access to back office systems. A recent report from Accenture Consulting found that a majority of iOS banking apps contained moderate to severe app risks. Mobile app attacks all have a common threat vector: they all start with reverse engineering — the disassembly of apps back to the original code. Reverse engineering of an iOS app can be executed using commonly available developer tools running on a jailbroken iOS device. Once disassembled, bad actors can uncover critical algorithms, discover keys and sensitive data, obtain API access, and understand how to best tamper with code. Once app code is understood, counterfeit apps can be created to steal user credentials. Or to execute even more insidious attacks, bad actors can utilize information gained from how apps interact with back office systems to stage attacks focused on an organization's servers. Digitial.ai Application Protection for iOS (formerly Arxan) iOS app protection Digital.ai Application Protection for iOS features automated, comprehensive, and customizable protections for iOS apps developed using the most popular development environment and languages. Digital. ai's application protection solution goes beyond traditional runtime application self-protection (RASP) by providing jailbroken device detection, layered and adaptive app protection, data encryption and threat alerting, and analytics. iOS code protection Digital.ai code protection can rapidly harden iOS applications with patented guarding technology, self-repair capabilities, and tamper resistance using a unique, configurable guard network methodology and threat detection. Alerting the business to attacks in progress is key to preventing damage, and Digital.ai integrated threat detection can alert organizations if apps are operating on jailbroken devices at the first sign of code compromise. Digital.ai code protection consists of interconnected guards and sensors that together create a protection blueprint. This protection blueprint is applied without requiring source code modifications. Initial code protection can deliver an essential level of protection within minutes that includes threat detection and -[LockScreenViewController confirmPinBtn sub sp, sp, #0x50 ; Objective C stp x20, x19, [sp, #0x30] atp x29, x30, [sp, #0x40] add x29, sp, #0x40 str x1, [sp, #0x40 + var_20] str xzr, [sp, #0x40 + var_28] add x0, sp, #0x18 ; argumant "add mov x1, x2 ; argument "value bl imp___stubs__objc_storeStrong adrp x8, #0x100033000 ; 0x1000332 add x8, x8, #0x2b8 ; 0x1000332b8g adrp x9, x9, #0x5d0 ; 0x1000335d00 ldur x10, [x29, var_18] -[LockScreenViewController confirmPinBtn sub sp, sp, #0x50 ; Objective C stp x20, x19, [sp, #0x30] atp x29, x30, [sp, #0x40] add x29, sp, #0x40 str x1, [sp, #0x40 + var_20] str xzr, [sp, #0x40 + var_28] add x0, sp, #0x18 ; argumant "add mov x1, x2 ; argument "value bl imp___stubs__objc_storeStrong adrp x8, #0x100033000 ; 0x1000332 add x8, x8, #0x2b8 ; 0x1000332b8g adrp x9, x9, #0x5d0 ; 0x1000335d00 ldur x10, [x29, var_18]

Articles in this issue

Links on this page

view archives of Solution Briefs - Application Protection for iOS Solution Brief