Arxan Enhances Mobile Runtime App Self Protection Capabilities

The RASP platform is generally priced on a per-app basis with a wide spectrum of pricing based on custom variables per use case.

arxan and mobile apps

Application protection solutions specialist Arxan Technologies announced it has enhanced Runtime Application Self Protection (RASP) capabilities as part of its application protection technology to further protect the integrity and confidentiality of mobile, embedded, desktop and server applications.
Building on other runtime application self-protection capabilities, Arxan now offers additional protections, which provide runtime tamper detection capabilities for Java applications.
The company’s RASP platform adds protection features into the application runtime environment to give applications another level of protection from malicious attacks.
The RASP platform is generally priced on a per-app basis with a wide spectrum of pricing based on custom variables per use case.
"Business are increasingly relying on applications to deliver value to their customers. This is highly visible in the increasing usage of mobile applications," Vince Arneja, vice president of product management at Arxan Technologies, told eWEEK. "This focus of business value to the app and data level has necessitated the security paradigm to shift from network and superficial device or OS perimeters to application protection. Application protection is critical to help build trust at the application layer and ensuring the confidentiality and business integrity of applications from attacks."
The platform includes security measures that identify and block attacks, given visibility into an application’s logic and data flow and check to ensure that the application is running in a safe environment.
For instance, the solution can detect if an app is running on a jailbroken device or if a debugger is running, that could enable attackers to examine a program while it is running.
"Prior to mobile apps, many business applications were web-based, with web browser front-ends rendering code from servers—and in that model, it’s very hard to capture, repackage and republish valuable code," Arneja said. "Today’s software landscape represents an explosion of widely distributed code that is outside the server and network perimeter. In fact it is increasingly residing in the wild on mobile and connected devices, in untrusted environments."
Other features include the ability to detect malicious activity from other running apps through Swizzling or Hooking, and it can respond to runtime attacks with customizable actions, which may include replacing tampered code with the original code during runtime, exiting the application safely when a runtime attack is detected or alerting monitoring systems that an attack has happened.
"Many enterprises rely on Arxan’s security to ensure that the integrity of their apps can be maintained in the wild and as such we see application security becoming a major priority for IT investments as the C-Suite starts to pay more attention to the business value being invested at the application layer," Arneja explained. "We also anticipate more attention to the need for compliance and standards at line of business line budgets will start to be allocated towards protecting the application value. The Internet of Things is the next big security threat."