Threat Analytics Solution Brief
Closing the Loop with Arxan Threat Analytics
Arxan Threat Analytics is an integrated service that provides visibility into the security p
Arxan for Android
Code, key and data protection plus threat detection for apps written in Java or Kotlin,
as well as C/C++ Android libraries.
Protecting Android apps and understanding their threat posture are critical to managing risk in today’s zero-trust world.
Protect
Cybercriminals can exploit mobile apps reverse by engineering them to expose code and steal customer identities, intellectual property or gain access to back office systems.
Arxan for Android protects mobile apps with code hardening technology enabling runtime protection against reverse engineering and code tampering along with the ability to repair attacked code and disable app functionality when attacked.
Alert
Equally important to code protection is threat detection and alerting. The ability to detect and alert on active reverse engineering or tampering attacks is essential to getting in front of Android app attacks - stopping them before they go viral.
With integrated threat detection and alerting, Arxan for Android closes the loop between protecting Android apps and understanding their real-time threat posture.
Encrypt
Providing full protection for Android apps also requires that communication keys, API locations and critical in app data be encrypted to protect against attacks. Arxan Key & Data Protection delivers added security by encrypting static and dynamic keys and sensitive application data with white-box cryptography that utilizes mathematical techniques and transformations to blend together app code and keys to secure cryptographic operations.
Multi-Layered Approach to Protecting Android Applications
- Protection at the speed of DevOps - rapidly inject essential app code protections and threat detection sensors after code development, without disrupting your DevOps process
- Real-time alerting - notifies organizations: if apps are running on rooted devices, when reverse engineering attacks are in progress or other suspicious behavior via Arxan Threat Analytics
- Static protection - obfuscates source code, making it harder for attackers to understand and analyze for reverse engineering
- Active protection - in the event of reverse-engineering, tampering or malware attacks, the app can be shut down, sandboxed, self-repaired or behavior changed in response
- Randomized code obfuscation – inserting honeypots and deceptive code patterns to increase the difficulty of reverse engineering and tampering
- Continuous platform support - Arxan is committed to delivering platform support for the latest versions of Android operating systems within five days of release
Rapid Android App Security
- Essential, unmatched Android app protection integration within minutes
- Streamlined integration with DevSecOps and CI/CD environments
- Immediate discovery of an app’s risk posture from the moment it’s published
Arxan for Android Tech Specs
Languages
- Java
- Kotlin
- C/C++
IDE/Compilers
- Android Studio
- Android NDK
DevOps Tool Integrations
- Jenkins
- Puppet