Mobile App Protection with IBM

Protect Mobile Apps from Hacking Attacks and Malware Exploits

We live in a mobile, personal world, where nearly 7 billion mobile IBM_Quotedevices will exist by 2014 and 108 billion mobile downloads are projected to take place by 2017.

Businesses are transforming their strategies and operations with mobility to launch new innovative business-to-consumer products and services and improve their employee productivity and business agility. Mobile applications have an increasingly high value at stake with the multi-billion dollar App Economy.  

As mobile apps proliferate, they are increasingly susceptible to a set of new mobile application risks and attacks that compromise the brand equity, intellectual property and sensitive data of the mobile enterprise.

Applications are increasingly vulnerable to attacks and most have not adequately addressed many of the new risks applications face.

The integrity of these apps must be protected, as secure coding and traditional app security practices alone cannot prevent these new attacks of app reverse-engeering and tampering.

  • According to IBM’s own X-Force research, more than 30 percent of attacks are against applications
  • Arxan 2013 State of Security in the App Economy:
    • 56% of top 100 paid apps on Apple iOS had hacked versions available
    • 100% of top 100 paid apps on Android had hacked versions available
  • Symantec research reveals that antivirus software now stops only 45% of attacks; new protections are needed 

Application hacking is becoming easier and faster than ever before. 

It's Fast     Recent research found that in 84% of cases, the initial compromise took hours or less to complete (BDIR, Verizon 2014 report) 
It’s Relatively Easy There are automated tools readily available in the market to support hacking, and many of them are available for free!
Mobile Apps are “Low-Hanging Fruit” In contrast to centralized web environments, mobile apps live “in the wild”, on a distributed, fragmented and unregulated mobile device ecosystem. Unprotected binary code in mobile applications can be directly accessed, examined, modified and exploited by attackers.









Proactive application integrity protection with Arxan’s award-winning Guarding technology enables IBM MobileFirst customers to deploy mobile apps with confidence.


Together, IBM and Arxan provide an integrated solution for customers to:

  • Extend their security posture across the mobile application lifecycle; from analysis to remediation and run-time protection.
  • Shield their apps across the full scope of risks; from programming flaws to advanced integrity attacks and malware exploits.

A number of videos are accessible below. The videos cover:


  • The latest risks for mobile apps and how to protect them
  • How to protect mobile apps against attacks
  • An interview with Arxan CMO, Patrick Kehoe, talking about IBM's strategic relationship with Arxan
  • A demonstration of how easy it is to hack an app 

How Arxan’s Solution Fits Within and Complements IBM’s Security Portfolio: 

  • Arxan and Appscan The combination of IBM AppScan and Arxan, in particular, brings a unique ‘Scan and Protect’ strategy for mobile application security, thus enabling a consistent, scalable approach to securing sensitive applications holistically.
  • Arxan and Worklight
    • With an easy instrumentation during the build process, Worklight users can gain comprehensive Arxan app protection for their custom code and SDK libraries and add tamper-resistant jailbreak/root detection and package integrity capabilities. 
    • In addition, customers can use the Worklight console to receive automated threat alerts from Arxan protected apps. Arxan is the first security technology that has been certified with Worklight
  • Arxan and Trusteer (or other MAM/MDM solutions) and Fiberlink
    • Arxan Application Protection is complimentary to most MAM / MDM solutions
    • MAM/MDM focus on policy level security – governing who accesses an application, when, where, etc. They are great for keeping honest users honest, but they won’t stop a determined professional attacker or help with a consumer-facing (B2C) app. 
    • Arxan protects the application itself against hackers, exploits, and malware
    • Arxan’s tools address a particular threat vector, based on hacking and exploiting the application. Other products address different threats. (For instance, Trusteer focuses on detecting fraud and malicious usage with transactions, and Fiberlink focuses on controlling IT policies about internal employee access and usage of corporate data).

For more information email us at



Arxan & IBM App Protection Webinar Series

5 Key Ways to Incorporate Security Protection into your Organization’s Mobile Application Development Lifecycle 
Date/Time: August 13 at 11 AM EDT



Part 2 of a 3 Part Series - Click above for more information and to register 







Terms of Use|Site Map

© 2014 Arxan Technologies, Inc. All Rights Reserved.