Arxan Announces Enhanced Mobile Runtime App Self Protection (RASP) Capabilities
Bethesda, MD – December 9, 2014 – Arxan Technologies, the leading provider of application protection solutions and Deloitte Technology Fast 500 winner, today announced it has enhanced Runtime Application Self Protection (RASP) capabilities as part of its application protection technology to further protect the integrity and confidentiality of mobile, embedded, desktop and server applications.Building on other “runtime application self-protection” capabilities, Arxan now offers new protections which provide runtime tamper detection capabilities for Java applications. Arxan’s RASP adds protection features into the application runtime environment to give applications another level of protection from malicious attacks. In Gartner application security analyst Joseph Feiman’s recent Maverick report, he advises that CISO’s should “make application self-protection a new investment priority, ahead of perimeter and infrastructure protection. Perimeter protection technologies cannot protect what ceases to exist — the perimeter, which dissipates in the mobile, consumer-oriented and cloud-oriented world.”
Arxan’s RASP addresses today’s sophisticated attacks with security measures that:
- Accurately identify and block attacks, given visibility into an application’s logic and data flow
- Check to ensure that the application is running in a safe environment (e.g., detecting if an app is running on a jailbroken device or if a debugger is running, that could enable attackers to examine a program while it is running)
- Detect malicious activity from other running apps via Swizzling or Hooking
- Respond to runtime attacks with customizable actions, which may include:
o Replacing tampered code with the original code during runtime o Exiting the application safely when a runtime attack is detected o Alerting monitoring systems that an attack has happened “Without Runtime App Self Protection, external malicious apps can intercept the execution of genuine application at runtime and modify it for nefarious activities. The need for RASP is now a reality with the recent examples of WireLurker and Masque,” said Vince Arneja, VP of Product Management at Arxan Technologies. Accordingly, Gartner analyst and vice president David W. Cearley names Risk-Based Security and Self-Protection among the top technology trends for 2015.[ RASP combines real-time analysis of application behavior (what the application is doing right now) with real-time contextual awareness (what has led up to the application doing what it is doing right now). Thus, continuous security analysis becomes a native function of the runtime environment, with the system responding immediately to any recognized attacks. Because security functions are applied from within the application, with instruction-by-instruction awareness of what the application is precisely doing, RASP avoids the false positives that plague other mitigation methods.
To learn more about Arxan’s honored application protection technology and innovative approach to RASP, please contact us.
About Arxan Technologies
Arxan provides the world’s strongest application protection solutions. Our unique patented guarding technology 1) Defends applications against attacks, 2) Detects when an attack is being attempted, and 3) Responds to detected attacks with alerts and repairs. Arxan offers solutions for software running on mobile devices, desktops, servers, and embedded platforms – including those connected as part of the Internet of Things (IOT) – and is currently protecting applications running on more than 300 million devices across a range of industries, including: financial services, high tech/independent software vendors (ISVs), manufacturing, healthcare, digital media, gaming, and others. The company's headquarters and engineering operations are based in the United States with global offices in EMEA and APAC.
|Gutenberg Communications Jordan Hubert P: 408.832.3425 E: firstname.lastname@example.orgJodi Wadhwa Arxan Technologies P: 1-301-968-4295 E: email@example.com|