How to Use Appdome's Threat Resolution Center
The newly introduced Appdome Threat Resolution Center harnesses the capabilities of GenAI to offer real-time, precise, step-by-step guidance for end users to address threats and attacks on mobile devices swiftly. This innovative solution enhances mobile security by dynamically generating a context-specific ThreatCode™ whenever an Appdome-protected mobile app detects a potential threat. This code encapsulates crucial details about the threat, including the attack vector, device specifics, operating system, and other pertinent data—essentially providing a comprehensive DNA profile of each threat encountered on the mobile device.
Upon receiving a ThreatCode, support, engineering, or cybersecurity professionals from mobile brands and enterprises can input this code into the Threat Resolution Center. Here, Appdome’s advanced Threat Resolution Agent™ employs retrieval augmented generation (RAG) to intelligently formulate responses using GenAI, optimizing the solution for the specific attack scenario. This process not only helps pinpoint and understand the nature of the attack but also guides users through detailed steps to mitigate or completely remove the threat from the affected device.
Benefits
- Faster Resolutions: GenAI enables support teams to resolve threats quickly and efficiently by providing detailed, actionable information. This reduces downtime and minimizes the impact of cyber attacks on the end user’s mobile experience.
- Reduced Support Burden: Automating the threat resolution process with GenAI alleviates the burden on support centers and cyber teams. This allows these teams to focus on more complex security challenges, improving overall efficiency.
- User-Threat Specific Resolutions: GenAI’s ability to tailor its recommendations based on the specific device and OS ensures that users receive the most relevant and practical guidance. This personalized approach enhances the overall security of the mobile ecosystem.
To Use the Threat Resolution Center Feature:
- Log in to your Appdome account.
- Click on the Threat Resolution Center button on the top menu bar.
- Enter the Threat Event Code as follows: four digits representing the event and then the last four digits of the Build ID.
- Only if the Threat Code entered does not result in the Appdome platform automatically pre-filling in the device and operating system details:
- Select the Mobile Operating System where the threat event notification appeared. Options include Android or iOS.
- Enter the version. The version refers to the specific release or update number of the OS, such as Android 11 or iOS 14.4.
- Select the mobile device manufacturer (e.g., Apple, Samsung) to which the threat event notification appeared.
- Select the Device Model to ensure the resolution matches the client’s device, such as the Samsung Galaxy S22.
- Enter the Detection Date range.
Note: You can view events up to six months back. - Click the Get Resolution button to see the relevant remediation.
- View the Publisher Info about the mobile app, including:
- App Name
- App Logo or Icon
- App Bundle ID
- App Version
- Mobile Platform: Android or iOS
- Appdome Version
- Team Name
- Fusion Set Name
- Appdome Build ID
- Build Date.
- View the Mobile Defense Details.
- Defense Type: Mobile Malware Prevention
- Defense Name: Block Custom Frida
- Reason: Protect app IP and prevent data leakage
- Triggered On: Active Custom Frida on Android Device
- Threat Event: No
- Policy: Appdome Defense
- Support REF: 6905-1
- Notification: MyAndroidApp detected the use of Frida or a similar tool. To protect you, the app will close.
- Read through the Threat Description
- Provides an overview of the threat and its potential impact on the mobile app.
- Provides an overview of the threat and its potential impact on the mobile app.
-
How to Find the Threat
- Utilize the step-by-step instructions on how to find the threat on the mobile device.
- Utilize the step-by-step instructions on how to find the threat on the mobile device.
- How to Disable/Remove the Threat
- Includes detailed step-by-step instructions on how to remove/uninstall the threat from the mobile device.
- Includes detailed step-by-step instructions on how to remove/uninstall the threat from the mobile device.
- Download Resolution Details
- For documentation, compliance, or sharing purposes, download your resolution details as a PDF. This helps streamline reporting and allows you to archive information for future reference.
- For documentation, compliance, or sharing purposes, download your resolution details as a PDF. This helps streamline reporting and allows you to archive information for future reference.
Managing Recent Resolutions
The Recent Resolutions section provides powerful tools to help you organize and access past threat resolutions efficiently:
- Pin Important Resolutions: You can pin up to three resolutions at a time, making it easier to reference commonly needed solutions quickly.
- View Recent Activity: Access up to 30 of your most recent resolutions. Each entry includes a “Query Made By” field, indicating the team member who initiated the resolution, which improves traceability and team collaboration.
- Rename Resolutions: Customize the names of your saved resolutions for easier identification. This is especially helpful when managing a high volume of threat cases.
Related Articles:
- How to use ThreatScope™ Threat Alerts
- Understanding ThreatScope Mobile XDR
- ThreatScope Mobile XDR & Using Threat Query
How Do I Learn More?
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.