The IT Nerd

Appdome, the mobile app economy’s one-stop shop for mobile app defense, today announced it has integrated its Cyber Defense Automation Platform with the CI/CD cloud-based service from JetBrains TeamCity allowing teams to automate the build, test and deployment of their mobile applications. JetBrains TeamCity is now part of the Appdome Dev2Cyber Agility Partner Initiative to advance the delivery of secure mobile apps globally.

Manual methods of cyber defense implementations in Android and iOS apps are complex, slow and brittle. Appdome’s cyber defense automation platform streamlines delivery and accelerates release times by using technology to build cybersecurity defenses into iOS and Android apps – including runtime application self-protection (RASP), code obfuscation, mobile data encryption, jailbreak detection, root detection, man-in-the-middle attack prevention, on-device anti-malware, anti-fraud, anti-cheat, anti-bot and other protections. The new Appdome-JetBrains TeamCity partnership solves mobile brands’ need for technology platforms to automate the delivery of cyber defense in mobile apps and to keep pace with modern DevOps pipelines.

Today, global consumers demand more protection than ever in their mobile app experiences. Appdome’s recent Global Consumer Expectations of Mobile App Security survey revealed that 94% of global consumers would promote a brand if the mobile apps protected them against security, fraud and malware risks. 68% also indicated they would abandon brands that offered no protection.

For more information on how to use Appdome’s Build 2-Secure Plugin for JetBrains TeamCity, please register for their webcast November 7 or please see this knowledge base article.

Learn more at www.appdome.com.

Appdome, the mobile one-stop shop for mobile app defense, today released new threat evaluation tools inside ThreatScope™ Mobile XDR to deliver enhanced monitoring, investigation and threat evaluation for mobile apps and brands globally. Among the new tools is Threat-Inspect™, a powerful new ability to investigate, drill down, share and report on defenses, attacks and threats in the production environment. 

Appdome’s ThreatScope™ Mobile XDR gathers thousands of threat signals from mobile app security, hacking, fraud, malware, cheat, and bot attacks from inside deployed mobile apps, and translates that data into brand relevant views that cyber, fraud and business teams can use to evaluate and respond to mobile threats and attacks in real time. The new evaluation tools include: (1) Threat-Inspect, for deep threat inspection, (2) Threat-Views™, for creating savable monitoring perspectives by app, device, OS, attacks and other parameters, and (3) Threat-Snapshots for ease of reporting and collaboration. ThreatScope Mobile XDR is pre-integrated with Appdome’s Cyber Defense Automation platform for Android & iOS apps for instant response to any cyber or fraud attack. 

The new threat evaluation features in ThreatScope Mobile XDR provide mobile businesses and brands: 

Threat-Inspect™ allows cyber teams to pivot between “All” and “Unique” attacks as well as between attacks and “Impacted Devices,” to see the number of unique devices experiencing each attack. This new capability allows cyber responses to be tailored to the specific threat(s) in the production environment while also easing the remediation burden for mobile users and brands globally. 

A unique feature of Threat-Inspect is that it also can be used in conjunction with Appdome’s recently released Build-to-Test automated testing capability. Build2Test allows Appdome-protected mobile apps to be used inside automated mobile app testing suites, logging all security events for the developer to track and monitor. These logged security events are now visualized inside Threat-Inspect. 

Threat-Views™ allows security teams to zoom in and monitor specific aspects of the mobile app defense, attack and threat data shown on ThreatScope. Create and save any number of Threat-Views to monitor one or more mobile applications, OS, OS Version, attack vector, mobile app release, Fusion Set (defense model), geographic region or other parameter. Threat-Views enable persistent business level viewing and analysis, which is essential for demonstrating ROI and keeping the overall mobile business safe. 

ThreatScope Snapshots™ allow cyber teams to export and share real-time mobile app defense and attack snapshots from ThreatScope, Threat-Views or Threat-Inspect data. Use ThreatScope Snapshots to keep cyber, fraud, and business teams informed on progress in stopping security, fraud, malware, and other attacks, demonstrate compliance, or collaborate with other teams internally. 

Powering these features are new levels of metadata now available in ThreatScope. These include enhanced attack, threat and fraud metadata including geo-location, unique identifiers for threats and impacted installations as well as new options such as IP address and more. This metadata allows mobile brands to click to see all the in-production mobile apps and installations impacted by each attack or threat. Simply click on a specific attack or threat and choose the impact view needed by each business line. IP address and unique device data can now also be downloaded for offline analysis. 

Appdome’s Threat-Scope Mobile XDR is the only XDR solution offering consolidated, real-time, cyber security, fraud, malware, cheat and bot attack and threat intelligence from in-production Android & iOS apps. With ThreatScope Mobile XDR, mobile brands, developers, cyber and fraud teams can immediately respond with updated security models, build-by-build and release-by-release and prioritize protections that have a real impact on the mobile business and users. The entire ThreatScope Mobile XDR capability inside Android & iOS apps without any burden on mobile dev teams, including no code, no SDK and no servers to deploy and, most importantly, no separate agent installed on the mobile device. 

For more information about ThreatScope™ Mobile XDR visit: www.appdome.com 

Appdome today announced new mobile anti-malware protections that detect Android Accessibility Service Malware such as Xenomorph, Brasdex, Octo, Sharkbot, Flubot, TeaBot, PixPirate, Sova, Spynote, Joker and more. These malware are used to carry out large scale, distributed attacks on mobile banking apps, crypto wallets, and other financial services apps.

Accessibility Service is the Android framework designed to allow mobile applications for individuals who are disabled to interact with all applications on an Android device. Unfortunately, Accessibility Service is now the target of abuse by fraudsters and others, who use malware to connect through Accessibility Service into banking and other mCommerce applications. Once the Accessibility Malware is on a user’s device, it can listen, collect, intercept and manipulate Android Accessibility Service events to perform harmful actions on behalf of users without their knowledge, often mimicking human actions within the mobile app, such as harvesting login credentials and completing transactions. Two of the most advanced variants focus on Android banking apps – BrasDex in Latin America and Xenomorph in the U.S. and Europe use Automated Transfer Systems (ATS) malware. ATS malware can complete end-to-end transactions – without a user being involved.

Appdome’s new Prevent Accessibility Malware feature includes:

• Detection of ATS Malware using dozens of methods.
• Detection of ATS Malware methods, such as Overlay and Keylogging in the context of Accessibility Service
• Set Trusted Accessibility Services, so brands can identify the Accessibility Service applications recommended to their users.
• To supplement Trusted Accessibility Services, Appdome has included an Accessibility Service Consent that allows mobile end users to accept specific Accessibility Services applications to be used with their applications.

Appdome’s Cyber Defense Automation platform for mobile apps empowers developers and cyber teams to seamlessly build protections against Accessibility Service Malware directly into any mobile app, all from within the DevOps CI/CD pipeline with no code or coding required.

For more information about Appdome’s Accessibility Malware prevention, visit: https://www.appdome.com/how-to/mobile-malware-prevention/android-malware-detection/prevent-accessibility-service-malware-on-android-apps/

Appdome, the one-stop shop for mobile app defense, today announced the launch of its new Mobile App Defense Project, a community program aimed at improving mobile DevSecOps through collaboration with more than 50 renowned mobile app penetration testers around the world. This initiative aims to foster a more secure mobile app economy, raise the bar on mobile app defense and provide rapid, validated, continuous cyber and anti-fraud solutions for all mobile applications globally.

As mobile application use and revenues continue to rise dramatically, mobile application security testing has become a hot topic and fast emerging discipline in the economic landscape. Cyber threats, attacks, tools, methods, and techniques targeting Android & iOS apps, infrastructures and users continue to evolve and proliferate. The Mobile App Defense Project is designed to harness the collective strength of the global pen testing community to provide cutting-edge cybersecurity, anti-fraud, anti-malware and other solutions in mobile applications worldwide.  

Through this program, Appdome will collaborate and share research with leading mobile app penetration testing companies, renowned for their expertise in identifying exploits, vulnerabilities and conducting rigorous security assessments of Android & iOS applications. Appdome will also integrate the recommendations provided by these partners into Appdome’s cyber defense automation platform to deepen and accelerate mobile app defenses for all mobile brands.  

As a community project, Appdome will also contribute cyber and threat research to the community as well as fund education, awareness, and other programs to benefit mutual customers and the broad cyber community defending mobile brands, businesses, and users.  

Some of the founding members of the Mobile App Defense Project include:

• 7ASecurity
• Bishop Fox
• Bugcrowd
• Chaleit
• Claranet Cyber Security
• Cloudvolution
• Cyber Legion
• Cytix
• eShard
• Firmus
• Hacken
• Informer
• Innovery
• Key-Wisdom
• Kualitatem
• Mondas
• NetSPI
• Nettitude
• NST Cyber
• Open-Sec
• PacificSec
• Pentest Limited
• Pragma
• Secarma
• SecureLayer7
• Technopath
• Tekium Mexico
• The SecOps Group
• WebSec

Appdome, the one-stop-shop for mobile app defense, today announced the release of Generation 5 of its in-app mobile defense framework, the core protection framework delivered by its cyber defense automation platform. With “Gen5”, Appdome provides the most advanced cyber and anti-fraud defenses for the newest mobile platforms, more sophisticated in-app UX/UI choices and new telemetry and intelligence options for mobile brands globally. 

As mobile applications become the dominant force in the consumer landscape, mobile operating system and device manufacturers are pushing the boundaries of what it means to be a mobile device. Evolutions in the languages and frameworks used to build mobile applications, new OS and device architectures and integrated devices like watches, VR headsets and more, offer compelling new experiences for all users. At the same time, these new experiences create new engineering complexities for mobile app defense and new attack vectors for hackers and other malicious actors to exploit. Traditional mobile security and anti-fraud SDKs fall behind or end up as shelf ware, unable to be deployed due to complexity, incompatibility or compromise. 

Key highlights of Appdome’s Gen5 mobile defense framework include: 

Symbiotic Detection & Defense in Mobile Apps 

Gen5 levels up the in-app mobile experience and UX/UI choices when attacks happen with key upgrades to Threat-Events™, Appdome’s in-app threat intelligence and control framework. For example, Threat-Events now includes deeper attack and threat data as well as optional conditional detection and enforcement policies, allowing the mobile application to inform Appdome when to inspect or enforce a given defense. In Gen5, Threat-Events also includes a mobile device heartbeat, allowing Appdome to signal the mobile app about device and/or connection health before initiating a workflow (such as a transaction) in the mobile app. 

Extended Threat Intelligence and Data  

Gen5 also extends the role of Threat-Events, allowing its rich mobile application attack and threat data to be consumed outside of the mobile app. For example, Threat-Events can now feed and inform external systems, such as Appdome’s ThreatScope™ (Appdome’s mobile XDR offering), web application firewalls (WAFs) as seen in Appdome’s new MOBILEBot™ Defense* solution and other systems. To support this, Threat-Events was given its own Adhesive Network Stack, with built-in intelligence features, to allow for network handling and decision-making based on the payload and the ability to add or modify the header or traffic type in runtime. 

Better Security with the Newest Mobile Methods and Architectures 

Gen5 offers the highest performance mobile app defense on the market. Inside Gen5, mobile brands get: 

•  Mobile App Defense Designed to Scale. Gen5 takes full advantage of modern mobile architectures, methods, frameworks and processors to maintain the highest performance defense and intelligence actions, without compromising security. 
• New Deep Threat Detection enabling a new class of mobile malware protections, including OS remount, unlocked bootloader, custom ROMs and geo-spoofing detection, all without unnecessary permissions. 
• New Behavioral Detection Methods to detect advanced threats such as detecting digital manipulation techniques to create fake facial images to bypass facial authentication, accessibility malware defense and more, all without unnecessary permissions. 
• New Dynamic Encryption to ensure that every block of data uses the most secure and optimized options available – as well as the ability to change the implementation on the fly based on the data and the encryption capabilities available. 
• New Obfuscation techniques and optimizations for Kotlin and metadata, Java decoding and faster resolution of obfuscated classes – all while minimizing file size impact. 
• Support for Mac M-series Processors for iPhone and iPad apps available in the Mac App Store.  
• Support for VR-headsets including Meta Quest and Apple’s Vision Pro VR Headset.  
• Built-in crash reporting to simplify troubleshooting of deployed apps. 
• WYSIWYG, Fully Modular Architecture to avoid unnecessary file size impacts and support the widest range of devices and operating systems.  
• Full Support for all Mobile Languages and Frameworks including all recent updates to Obj-C, C+, Java, JS, C#, C++, Swift, Kotlin, Flutter, React Native, Unity, Xamarin, Cordova and more. 
• No-Code, No-SDK, Fully Automated Delivery purpose built for the mobile DevOps pipeline. 

Appdome Gen5 will be available to Appdome Dev+ customers beginning July 1, 2023. To learn more about the platform and its new features, visit:  www.appdome.com. 

 Appdome, the mobile app economy’s one stop shop for mobile app defense, today announced the launch of its new MOBILEBot Defense solution. This groundbreaking solution offers mobile brands unparalleled bot detection, comprehensive intelligence and rapid defense against malicious bots, credential stuffing and account takeovers (ATOs) in mobile app business lines. Appdome is currently the only company to offer comprehensive anti-bot defense built specifically for mobile apps. 

As mobile applications become the dominant force in the consumer landscape, mobile bots, malware bots and other automated programs pose a significant threat to business integrity, transaction integrity, security, user accounts and business reputation for mobile app owners. Traditional anti-bot offerings are struggling to keep pace with the evolving diversity and sophistication of mobile applications, often trying to force-fit bot defense methods designed for web applications onto mobile frameworks. This mismatch often requires mobile app developers to face implementation complexities, change the mobile application network stack, remove valuable TLS protections or limit bot defense to a single host. The result, for an increasingly mobile economy, is that larger parts of the mobile infrastructure are left vulnerable to mobile bot attacks, fraud, ATOs, API abuse, credential stuffing and more.  

Appdome’s MOBILEBot Defense solution offers several advantages for mobile brands looking to stop mobile bot attacks, fraud, ATOs, API abuse, credential stuffing and more including: 

• Higher performance mobile anti-bot defense to detect and stop mobile bots on any number of hosts, URLs and API endpoints without added cost. 
• Comprehensive mobile device and connection risk detection, providing greater granularity, insight and choice of over 100+ on-device threats like Android and iOS malware, hacking frameworks, instrumentation frameworks, jailbreak, root, Magisk, Zygisk, jailbreak bypass, Man in the Middle (MiTM) attacks and more. 
• Deeper mobile bot detection, providing greater granularity, insight and choice over 50+ mobile bot detection methods in Android and iOS apps like auto-tapping apps, keystroke injection, emulators, simulators, virtualization, dual space, second space, Android players, accessibility malware and more. 
• Stronger mobile application fingerprinting using multi-layered methods to distinguish legitimate mobile apps from fake apps, trojan and malware-controlled apps and botnets.  
• Advanced Bot Detection Intelligence allowing payloads to include the Mobile Threat-ID™, detailed threat description, Threat-Score™, attack geolocation and meta data such as DeviceID, Device Manufacturer, OS, Version and 14+ other variables. 
• Prepackaged MiTM Attack Prevention with hardened TLS, active MITM attack prevention, mTLS pre-authentication and more to safeguard connections and the anti-bot payload in transit. 
• Prepackaged geo-spoofing defense to catch geo-location spoofing and check for mismatches between variables such as time zone, longitude, latitude and other location attributes.  
• Prepackaged Bot Defense Shielding to bind the Appdome’s MOBILEBot Defense code to the mobile app and prevent tampering, disabling, bypassing or spoofing anti-bot signals. 
• Full Support for all Mobile Languages and Frameworks, including Obj-C, C+, Java, JS, C#, C++, Swift, Kotlin, Flutter, React Native, Unity, Xamarin, Cordova and more. 
• Full Support for any industry standard WAF to ensure speedy deployment and set up. 
• No-Code, No-SDK, Fully Automated Delivery, purpose built for the mobile DevOps pipeline – no servers or proxies. 

Appdome MOBILEBot Defense is available for Android and iOS mobile application and CI/CD pipelines under the new “Anti-Bot” tab on the Appdome Cyber Defense Automation platform. To learn more about this groundbreaking solution or to request a demo, visit www.appdome.com.   

 Appdome, the mobile app economy’s one and only Cyber Defense Automation platform, today announced it has integrated its platform with GitHub – the complete developer platform – to build, scale and deliver software. GitHub Actions is now part of the Appdome Dev2Cyber Agility Partner Initiative to accelerate the delivery of secure mobile apps globally. With this new integration, GitHub users can leverage Appdome’s configuration-as-code ease from inside GitHub and build any of Appdome’s security, anti-fraud, anti-malware, anti-cheat and other cyber defenses into Android and iOS apps. 

Appdome’s cyber defense automation platform streamlines delivery and accelerates release times by using technology to build cyber security defenses into iOS and Android apps – including runtime application self-protection (RASP), code obfuscation, mobile data encryption, jailbreak detection, root detection, man-in-the-middle attack prevention, on-device anti-malware, anti-fraud, anti-cheat, anti-bot and other protections. Manual methods of cyber defense implementations in Android and iOS apps are complex, slow and brittle. This solves mobile brands’ need for technology platforms to automate the delivery of cyber defense in mobile apps and to keep pace with modern DevOps pipelines. 

Today, global consumers demand more protection than ever in their mobile app experiences. As Appdome’s recent survey, Global Consumer Expectations of Mobile App Security, revealed, 94% of global consumers said they would promote a brand if the mobile apps protected them against security, fraud and malware risks. Sixty-eight percent also indicated they would abandon brands that offered no protection. 

For more information on how to use Appdome’s GitHub Actions workflow, please see this knowledge base article.  

Appdome, the mobile app economy’s one and only Cyber Defense Automation platform, today announced Build-to-Test which enables mobile developers to streamline the testing of cybersecurity features in mobile apps.

The new capability allows Appdome-protected mobile apps to recognize when automated mobile app testing suites are in use and securely completed without interruption by a vendor, logging all security events for the developer to track and monitor. The Build-to-Test service is part of Appdome’s Dev2Cyber initiative and will accelerate the delivery of secure mobile apps globally.

In continuous integration, continuous delivery (CI/CD) pipelines, mobile app quality assurance is done via automated testing services so the functionality of the mobile app can be validated across hundreds of real-world mobile devices and OS versions. However, automated testing services can also leverage methods and tools that violate cybersecurity policies or that cybersecurity professionals find problematic and dangerous such as emulators, virtualization, resigning, debugging, dual spaces, Magisk and more. Once protections are added to a mobile app, security features detect these methods and tools, and the resulting cyber defense may prevent testers from using parts of these testing services.

The new Build-to-Test option on Appdome extends Appdome’s support for automated mobile app testing services and allows Appdome-protected mobile applications to recognize the testing vendor and securely complete testing runs without interruption.

Appdome-protected mobile apps have always been testable on devices made available through automated mobile application testing vendors. Advantages of the new Build-to-Test feature include:

• Fully automated testing for Appdome-protected mobile apps;
• Fully automated mobile app testing services to validate cyber defenses in Appdome protected mobile apps;
• Reduced complexity when testing protected mobile apps in automated environments;
• Eliminate the need to test protected and unprotected builds separately; and
• Protect test builds with Appdome defenses to ensure improved DevSecOps compliance.

Appdome’s Built-to-Test option is available with Appdome-DEV and Appdome-SRM licenses and compatible with all major mobile app testing services including Microsoft App Center, Sauce Labs, BitBar, LambdaTest and BrowserStack to reduce time to market, improve app quality and increase pipeline efficiency.

For more information on how to use Appdome Build-to-Test, please see this knowledge base article.

Appdome, the mobile app economy’s one and only Cyber Defense Automation platform, today announced that it has released a pre-built integration between its platform and GitLab, the most comprehensive, scalable enterprise DevSecOps platform for software innovation. The new integration is part of Appdome’s Dev2Cyber Partner initiative to accelerate delivery of secure mobile apps globally.

Appdome’s cyber defense automation platform streamlines delivery of mobile app protection and accelerates release times by using technology to build cyber security defenses into iOS and Android apps. Fully automated, no-code, no-SDK protections on Appdome include runtime application self-protection (RASP), code obfuscation, mobile data encryption, jailbreak detection, root detection, man-in-the-middle attack prevention, on-device anti-malware, anti-fraud, anti-cheat, anti-bot and other protections. Appdome delivers these protections with real-time time defense monitoring and attack intelligence via its fully integrated Appdome ThreatScope™ XDR solution.

Today, global consumers demand more protection than ever in their mobile app experiences. As Appdome’s recent Global Consumer Expectations of Mobile App Security survey revealed, 94% of global consumers said they would promote a brand if the mobile apps protected them against security, fraud and malware risks, while 68% said they’d abandon brands that offered no protection.

For more information on how to use Appdome with GitLab, please see this knowledge base article.

Appdome, the mobile app economy’s one and only Cyber Defense Automation platform, today released its next generation ThreatScope product, delivering Extended Detection and Response (XDR) for consumer mobile apps and brands globally. For the first time in mobile history, mobile brands gain the power and agility of XDR to address any cyber, fraud and other attacks in the mobile app channel.

Global consumers now prefer mobile apps over other digital channels. While XDR, EDR, SIEM and other solutions serve web, cloud and enterprise environments well, these solutions do not provide attack and threat detection or response from the increasingly dominant mobile revenue stream and mobile channel used by consumers. Prior to ThreatScope Mobile XDR, cyber, fraud and dev teams at consumer brands were left in the dark, with no practical means to gather, share or use data from siloed and fragmented cyber and fraud systems. 

Appdome’s ThreatScope Mobile XDR gathers thousands of threat signals from mobile app security, hacking, fraud, malware, cheat and bot attacks from inside each of 100M deployed mobile apps and translates that data into brand relevant views that cyber, fraud and business teams can use to evaluate and respond to mobile threats and attacks in real time. There is no need for coding, SDK, MDM, EMM or UEM, or for any user to install an additional app on the user’s device. ThreatScope Mobile XDR goes beyond device-level attestation and gets its data straight from attacks and threats impacting the brand’s in-production mobile apps. ThreatScope Mobile XDR is pre-integrated with Appdome’s Cyber Defense Automation platform for Android and iOS apps for instant response to any cyber or fraud attack.

ThreatScope Mobile XDR provides mobile businesses and mobile brands:

Consolidated Attack and Threat Intelligence – Consolidated, real-time, attack and threat intelligence from across the cyber security, fraud, malware, cheat and bot attack landscape, all from in-production Android and iOS apps.

Threat-Views – Allows brands to create, save and monitor attacks and threats by mobile app, specific threat, threat type, OS platform and other business-specific perspectives. Isolates specific cyber security, fraud, malware, cheat and bot attacks, reduces noise and zeros in on the attacks with the biggest impact to each app, release, brand and users.

Track 1 to 1000s of Mobile Attacks – With configuration as code ease, monitor and respond to one, any combination or all of ThreatScope’s 1000s of unique threats, attack vectors, attack techniques and methods applicable to Android and iOS apps with ease. New detections targeting Android and iOS apps added weekly.

Automated Threat Response – Automate cyber defense and response to each cyber incident or fraud attack with updated security and anti-fraud features tailored to each specific threat or attack, build-by-build and release-by-release, adding agility and eliminating the impact on the mobile business and users.

Analytics Grade Threat Inspection – ThreatScope comes with a powerful, easy to use analytics engine that allows developers and cyber teams to gain 360-degree threat visibility to filter, set thresholds, inspect, investigate and monitor attack and threat trends on-demand or over time.

Shift-Left Cyber Defense for Mobile Apps – With 360° attacks and threat visibility and intelligence, mobile developers and cyber and fraud teams can shift left and collaborate on threat response in each release of Android and iOS apps.

High Fidelity Threat Intelligence – ThreatScope Mobile XDR does not rely on external servers, SDKs, extra apps or attestation services. So, there is no risk of in-transit exploit, signal spoofing, hijacking or other attacks that can compromise the integrity of the threat signal. Hardened binding between the ThreatScope and the mobile app eliminates the risk of an attacker disabling ThreatScope telemetry.

No Code/No SDK Implementation – The entire ThreatScope Mobile XDR capability can be added in Android and iOS apps without any burden on mobile dev teams, including no code, no SDK and no servers to deploy.

For more information about ThreatScope Mobile XDR visit: https://www.appdome.com/threat-scope-mobile-xdr/.