Verimatrix and Inside Secure have merged. Learn more here. Go to Verimatrix website.

Strong protection proven in the most demanding markets

Automated code-analysis eliminates human error from the complex process of building a secure application

Integrates into your developers' build systems enabling any software developer to become a "security expert"

Product description

Modern applications typically run on open devices (e.g. mobile phones) that are known to be vulnerable to attack. Therefore the devices cannot be trusted by the application developers. This means that developers need to build the applications that are secure regardless of the device environment. This means utilising tools, technologies and methodologies that allow the applications to protect themselves. 

Inside Secure's Code Protection technology provides powerful automated software protection tools applicable across Mobile, IoT, Desktop and Server platforms.

Anti-tamper

The integrity of an application and its function is achieved by tamper-proofing the application code itself. Tamper proofing is achieved by use of the Code Protection Tool to render an application resistant to analysis, change or manipulation by a hacker.

Tamper proofing means that an attacker cannot:

  • Modify an application to insert malicious code;
  • Dynamically analyse an application with “known” conditions, or change the code to observe the effect the change has;
  • Remove other protections such as root detections;
  • Lift components (such as white-boxes) out the application to make them easier to analyse. 

At the heart of this is a runtime integrity network embedded throughout the application code. This detects and responds to any attempts to analyse, reverse-engineer or otherwise manipulate the application. Attackers trying to compromise the application or other security measures (e.g. white-boxes) will find their room for manoeuvre highly restricted to the point that they cannot do any useful work. 

The integrity network created by Inside Secure's anti-tamper technology enables the application to defend itself. The integrity network creates a strong foundation on which to build other security techniques (such as Obfuscation). Without this foundation, these other techniques are easily and quickly broken down by even novice hackers.

Obfuscation 

Obfuscation on its own is not application protection; but it can be a useful technique to have as part of wider defences. Application developers should hide sensitive data in software and obfuscate sensitive code. The obfuscation applied by Inside Secure's tool greatly hinders an attacker’s ability to statically analyse an application. 

Integrated directly with the integrity network, and further hardened by it, Inside Secure's Code Protection provides multiple powerful Obfuscation techniques that render reverse engineering and static analysis impractical, ensuring that even elite hackers will move on to softer, less frustrating targets.

Automated not Manual

It is important to ensure that there are no gaps in the protection that can be exploited. Inside Secure's Code Protection Tool works on an automated model to protect code. It first dynamically analyses the software, then uses that analysis to determine where best to insert the integrity network checks. This gives an optimised integrity network to the profile of the specific application.

In practice, this means the number of checks inserted is an order of magnitude higher than those achieved with a manual or scripted injection approach.

イベント
Black Hat Las Vegas
Black Hat Las Vegas
7th to 8th August, 2019

Black Hat USA is the world’s leading information security event, providing the very latest in research, development, and trends in cyber security, cybercrime, cloud security, network protection, trust access, and much more.

 

  • From August 7 to 8: Meet with us at Black Hat and discover ProtectMyApp, our groundbreaking service that provides effortless & cost-effective mobile app security.

Business center, meeting room BMR 502

 

  • On August 8, come to listen to our chief strategy officer, Asaf Ashkenazi's innovation session:

"Who needs Trusted Execution Environment? 
Introduction to application self-contained security technology"

 

続きを読む Join
Droidcon NY
Droidcon NY
26th to 27th August

Verimatrix will be attending the 6th edition of droidcon New York City on August 26-27th, 2019!

Meet with us and discover ProtectMyApp, our groundbreaking service that provides effortless & cost-effective mobile app security.

Mobile app developers seek an answer to ever-growing reverse engineering and tampering threats that can lead to potentially devastating vulnerabilities.

With ProtectMyApp, developers can now easily upload their final, compiled app and receive the protected application back in just minutes without the need for security experts.

 

続きを読む Join
Other information

Inside Secure's Code Protection Tool protects against hackers who have unlimited access to deployed versions of the program, and to resist tampering and reverse-engineering even when hackers can experiment with copies of the protected programs over extended periods of time. A software program becomes its own protection system which cannot be switched off or separated out.

If a hacker tries to analyse, debug or attack the application, he will be faced with multiple pre-programmed responses, none of which allow him to understand the security architecture. He just knows that the App stops, crashed or calls for help.

Code Protection is designed for all platform environments… especially high-performance, dispersed and highly hostile - including Mobile & IoT.

Code Protection integrates directly into your software build system. The tools analyse your code both statically and dynamically then automatically injects an optimized schema of various security fragments into a copy of your source, which your developers then compile and build as normal.

Developers never have to interact with the structure of the protection or the codebase; this is all handled as part of the automated build process.

Learn how Inside Secure's Whitebox Tool can keep data and cryptography within your application safe.

Awards

Other resources
Target Platforms
  • Android
  • iOS
  • Linux
  • macOS
  • Windows
Development Platforms
  • Linux
  • macOS (Xcode)
  • Windows

Development Languages

  • C
  • C++
  • Objective-C
  • Swift
  • Java
  • Kotlin
See also

White Papers

Whitepaper Code Protection

GDPR and PSD2 white paper

securing-mobile-payments

Contact