How GuardIT^® Works

Harden Your Applications

GuardIT enables you to quickly build and easily customize a Guard Network (represented by an XML file called a GuardScript™) to protect your application. It then automates the process of injecting Guards according to the scheme specified by the GuardScript into your compiled binary.

Arxan Guards provide Binary Protection. The Guards are:

1. Small security units, under 100 instructions each
2. Inserted directly into the binary by sophisticated engine
3. Execute at specified locations in your application
4. Protect a specified area or function in your application, or another Guard.
5. React when a hacker attack is detected

Arxan Guard Types:

Arxan’s Guard technology is based on various Guard types that perform the functions of Defend, Detect and React:

• Defend against compromise
  • Encryption and Obfuscation to deter static reverse engineering
• Including powerful white box cryptography for key protection
  • Pre- and post-damage to minimize window of opportunity
• Detect attempted attacks
  • Anti-Debug to detect reverse engineering attempts
• Authentication and anti-tamper to detect modification attempts
• React in a customized fashion to detected attacks to prevent actual compromise to prevent actual compromise
  • Self-healing to undo attempted tampering
  • Customizable reactions, e.g. traitor tracing, warn user, exit or crash

Arxan’s Guards work in concert with each other that combines layers of these binary-based Guard types and creating“Moving-Maze” architecture against attacks. This design of dynamic defense ensures that the fortified application has no one single point of failure.

 

There are 3 Easy Steps to Protect Your Software Application with GuardIT:

Step 1: Assess Risk
Using standard best practices, Identify threats to the software, and which functions within the software are vulnerable.

Step 2: Design Protection
The protection design defines the Guard network through an XML-based file called the GuardScript, which is customized to the unique security requirements of the each application.  The resulting multi-layered and dynamic web of Guards provides durable, security that is scalable and easy to deploy.

Step 3: Software Protection
Protect your application with Guards. GuardIT takes the GuardScript and original compiled binary as input and provides the protected binary as output. Protection is fully automated and can be done via a button click on the user interface or can be scripted into your nightly builds via the command line invocation option.