Hacker-Resistant Applications

Fortify Against Malware Exploits

Resources

In recognition that software vendors need to adopt this new layer of protection for their software assets, industry analysts at Gartner have identified application hardening as an emerging space in its Hype Cycle for Data and Application Security, 2007. The message is clear: any software protection strategy must go beyond simple license management to fully protect revenue and maximize growth.

Effectively Individualizing Software - Whitepaper

Download GuardIT Family of Products Data Sheet

GuardIT Features - Demo

Software applications are the favored target of malware authors, who continue to exploit coding and design vulnerabilities in applications to override end user systems. With over 250 estimated new numbers of strains or variations appearing daily, malware is quickly becoming an epidemic problem.

While other application security tools, such as source code and application scanners are quite effective at finding potential vulnerabilities, development teams are generally resource-constrained to fix all known vulnerabilities or secure all assets in time for an upcoming release.

Furthermore, zero-day exploits are now widespread and common events, creating strong and ad hoc pressure on development to quickly release security patches; which often affects the quality of a patch. Additionally, most patches are rapidly reverse engineered – revealing details of the underlying vulnerability and a remediation path to hackers that actually enable the creation of new malware.

Application hardening technology combined with a sound security strategy can keep you ahead in this unrelenting arms race.

As small units of object code - goodware!-are dissolved into the application, GuardIT’s anti-tamper and self-healing protection measures enable an application to detect and survive malware attacks.

Individualization measures allow companies to create diversified instances of popular software applications, providing immunity against broadly crafted malware. Phone-home capabilities allow proactive forensic reporting of areas in the application where attacks are being detected. These measures are easily and quickly inserted directly into the compiled binary, allowing vendors to confidently ship malware-immune software without undue impact on release schedules. Teams thus have ample opportunity to fully fix known issues at the source level in a planned, methodical fashion. GuardIT also allows obfuscation and diversification of security patches to prevent them from being misused to craft new malware. To learn more, request a demo.

Too often, teams focus on securing specific areas of the application without comprehensively hardening the overall software package, such as when using performance-intensive solutions based on obfuscation and encryption alone, forcing a tradeoff between run-time speed and security coverage. Unfortunately, selective protection leaves many backdoors and side channels open for hackers to compromise and pirate your software.

Arxan’s binary-based GuardIT solution provides comprehensive protection quickly and without affecting application performance.

There are two major classes of hacks on applications:

• a generic hack on the underlying metering layer such as license management or password protection
  • Applications which use third party solutions off-the-shelf without modification or customization are automatically vulnerable
• a targeted hack on the individual application.
  • These are time consuming hacks that create and forge a window of opportunity to realize revenue on new software releases

By hardening your application to make your protection as individualized as possible, you maximize the effectiveness of your metering and/or layer(s). Closely intertwining defense logic with application logic is a particularly effective strategy to frustrate hackers, but is hard to implement securely. GuardIT’s unique detect and react capabilities simplify this challenge, allowing you to quickly and easily build highly intricate, fully individualized protection. Learn More →

Static protection technologies such as obfuscation and encryption offer a strong initial barrier to hackers. Once breached however, this barrier is permanently broken and your intellectual property is irreversibly vulnerable. For long term protection, intelligent and dynamic protection is essential along with continuous monitoring of the application’s integrity and run-time status. The reaction mechanisms should vary based on the type of attack and your business needs.

For example, simple forensics or phone-home reporting is adequate to build internal piracy data and identify prospects for legal license purchase. More aggressive measures such as fault injection or forced termination are more appropriate for high-value software. Proactive renewal measures such as key renewal, silent patching and signature list updates are valuable for security tools such as anti-virus utilities and VPN utilities.

Click here to learn how GuardIT empowers you to make your protection intelligent and dynamic, based on the 7 Key Factors for Successful Software Protection.

Your security should hinder hackers and not legitimate users or legitimate fair use. Transparent, low-impact protection solutions allow you to build customer loyalty while frustrating hackers. Effective application hardening not only keeps out piracy-driven hacking, but also promotes application security against internet-based attacks and malware. This further enhances your brand value and customer experience. GuardIT security is entirely contained within your software application and “appears” only when illicit activity is detected.

To see for yourself how GuardIT robustly protects your software without adversely impacting run-time performance or legitimate user experience, click here for GuardIT Demo.

You can rely on protection measures to increase the in-field longevity of your intellectual property. For maximal effectiveness and long-term efficiency, your security strategy must account for renewing protection across major and minor software releases. It must also allow for the broadening and deepening of protection as your application grows and as hacking technology evolves.

Click here to see how GuardIT supports your growing protection needs through its easy scriptable protection design and continuously growing Guard Library.