Skip to main content

“Self-defending applications become crucial as modern architectures migrate software logic to the client side”

San Francisco, CA – July 10, 2019Arxan Technologies, the trusted provider of application protection solutions, announced today that the company has been recognized for the third time as a Representative Vendor in the Gartner Market Guide for In-App Protection1 report, formerly the Market Guide for Application Shielding report. In the 2019 report, Gartner extended the scope of the Market Guide: “application shielding encompasses obfuscation and anti-tampering, and was the main focus of the previous iterations of this Market Guide. Gartner client inquiries in the past year have made it clear that a more comprehensive set of functionalities is sought. The scope of the Market Guide has, therefore, expanded beyond application shielding, runtime protection, anti-malware, anti-bot and others.”

“Self-defending applications become crucial as modern architectures migrate software logic to the client side. Security and risk management leaders must take due care in protecting their application clients to avoid turning a promising software design trend into a security failure,” Gartner states. “In-app protection technologies protect applications from the inside, without requiring external components to be installed on the device on which the application runs. Thus, in-app protection is particularly suited to high-value applications running on unattended devices or untrusted operating environments. This means that in-app protection is mostly used to protect application clients that run on user endpoints. Use cases often involve consumer-facing applications, JavaScript client-side code and mobile apps.”

Arxan Application Protection is the first in-app protection solution that “closes-the-loop” between releasing a protected app and delivering timely, actionable threat intelligence directly to customers to enable rapid response. Arxan Application Protection ensures apps are protected against run-time attacks, are defended against reverse engineering, and are able to encrypt and secure data and communication keys with White-Box Cryptography. Arxan threat analytics provides customers with granular and real-time visibility into app threat data that can be easily consumed and enhanced by WAF, SIEM, fraud detection and other security solutions. Arxan solutions protect apps developed in all major development languages and operating systems, is compatible with a majority of development environments, and is available via the cloud or on-premises.

Gartner analysts outline key recommendations in the report, advising that companies “choose in-app protection for critical and high-value applications that run within untrusted environments and move software logic on the front end. The most common use cases will be mobile apps, single-page web apps (especially consumer-facing ones) and software on connected devices.” The report goes on to state, “although the technology can be applied virtually on any application, choose in-app protection to protect software that:

  • Contains high value (transactional or intellectual — for example, payment applications or internal-facing applications with trade secret information)
  • Runs in untrusted environments — for example, on customer devices or unattended connected devices
  • Moves critical parts of the software logic to the client — for example, mobile and client-side JavaScript applications, as well as software for connected devices”
  • Use in-app protection “where more than basic security and management policies are needed. Favor solutions that provide flexible response options based on risk indicators and analysis”.

“We believe that Gartner has appropriately recognized the increasing market demand for more comprehensive solutions to protect apps in a growing threat landscape. The trend of moving business logic to the client side of an application coupled with a failure from traditional, network-centric providers to protect these assets outside the perimeter creates a massive attack surface – and adversaries are taking notice,” says Joe Sander, CEO, Arxan. “In-app protection must include prevention, detection and response – and it should be an integral part of an organization’s security architecture. This is precisely what Arxan has always done, and why Arxan stands out in this year’s report.”

Arxan offers the most comprehensive portfolio of protection, detection, remediation, analytics solutions and app deployment globally.  The company also continues to innovate to include seamless protection for hybrid apps, easy integration into DevOps or DevSecOps processes with rapid app protection, critical visibility to stop app-level threats in real time. Arxan is the only In App Protection vendor to achieve the ISO 13485: 2016 compliance, the global standard for medical device quality management systems (QMS) focused on protecting confidential health information, obligations around regulatory requirements, and a risk-based approach to controls of the QMS. Arxan Cryptographic Key & Data Protection (also known as white-box cryptography) has also been awarded FIPS 140-2 Certification and offers the highest level of protection for sensitive information (cryptographic keys, and data at-rest, in-transit and in-use), meeting the strictest security regulations for encryption today.

Gartner defines the in-app protection market as “security solutions implemented within the application (instead of the network or the operating system, for example) to make the application more resistant to attacks such as malicious data exfiltration, intrusion, tampering and reverse engineering. Enterprises use in-app protection to safeguard their software-based assets, and to protect their organization and customers from fraudulent attacks.”

To access a complimentary copy of Gartner’s “Market Guide for In-App Protection” please visit:

1Gartner Market Guide for In-App Protection by Dionisio Zumerle and Manjunath Bhat, July 3, 2019

Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Arxan Technologies

Arxan, a global trusted leader providing the industry's most comprehensive application protection solutions, works with organizations looking to protect applications or securely deploy and manage business-critical apps to the extended enterprise. Arxan currently protects more than one billion application instances across many industries including financial services, mobile payments, e-commerce, medical devices, automotive, gaming, and entertainment. Unlike legacy security solutions that rely on perimeter-based barriers to keep bad actors out or that require device management controls, Arxan solutions protect at the application-level from the inside out. This approach protects the source and binary code to expand the corporate perimeter of trust. Arxan provides a broad range of patented security capabilities such as a dynamic app policy engine, code hardening, obfuscation, white-box cryptography and encryption, and threat analytics. Founded in 2001, Arxan is headquartered in North America with global offices in EMEA and APAC. For more information, please or follow @Arxan on Twitter.