Gartner defines In-App protection as a security solution implemented within the application to make it more resistant to attacks.
But, what does it really means?
When you distribute a security-critical app to the consumer or to enterprise users, you want to be sure that it cannot be attacked to steal data.
To do that, you should put inside the app some technology able to protect the app itself and report to you if something goes wrong.
What are the 3 main features that modern In-App Protection should provide?
- Multiple threats detection: ranging from malware presence up to misconfiguration of security conditions inside the endpoint. It should provide runtime detection, evaluation, and reporting.
- Countermeasures: it should provide active and configurable countermeasures within the application that will prevent your app from working in certain conditions.
- Obfuscation and encryption: it should implement obfuscation and encryption functionalities to protect the app’s assets from reverse engineering attempts (even if the app is not running).
While traditional in-app technologies often provide detection, evaluation and reporting are the most critical aspects. Usually, threats are not white or black conditions but require intelligent processes to recognize them. Furthermore, reporting is a preliminary condition to trust the effectiveness of the countermeasure. Anything done in the client could be bypassed or manipulated by the attacker.
At XTN, we have designed a Behavioural In-App Protection solution, taking AI in the process of threat detection to provide intelligent tools to protect your mobile service.
If you have further questions, submit the following form.