How to Use Appdome's Threat Resolution Center

Last updated October 31, 2024 by Appdome

The newly introduced Appdome Threat Resolution Center harnesses the capabilities of GenAI to offer real-time, precise, step-by-step guidance for end users to address threats and attacks on mobile devices swiftly. This innovative solution enhances mobile security by dynamically generating a context-specific ThreatCode™ whenever an Appdome-protected mobile app detects a potential threat. This code encapsulates crucial details about the threat, including the attack vector, device specifics, operating system, and other pertinent data—essentially providing a comprehensive DNA profile of each threat encountered on the mobile device.

Upon receiving a ThreatCode, support, engineering, or cybersecurity professionals from mobile brands and enterprises can input this code into the Threat Resolution Center. Here, Appdome’s advanced Threat Resolution Agent™ employs retrieval augmented generation (RAG) to intelligently formulate responses using GenAI, optimizing the solution for the specific attack scenario. This process not only helps pinpoint and understand the nature of the attack but also guides users through detailed steps to mitigate or completely remove the threat from the affected device.

Benefits

  • Faster Resolutions: GenAI enables support teams to resolve threats quickly and efficiently by providing detailed, actionable information. This reduces downtime and minimizes the impact of cyber attacks on the end user’s mobile experience.
  • Reduced Support Burden: Automating the threat resolution process with GenAI alleviates the burden on support centers and cyber teams. This allows these teams to focus on more complex security challenges, improving overall efficiency.
  • User-Threat Specific Resolutions: GenAI’s ability to tailor its recommendations based on the specific device and OS ensures that users receive the most relevant and practical guidance. This personalized approach enhances the overall security of the mobile ecosystem.

To Use the Threat Resolution Center Feature:

  1. Log in to your Appdome account.
  2. Click on the Threat Resolution Center button on the top menu bar.
    Threat Resolution Center 1
  3. Enter the Threat Event Code as follows: four digits representing the event and then the last four digits of the Build ID.
    • Only if the Threat Code entered does not result in the Appdome platform automatically pre-filling in the device and operating system details:
    • Select the Mobile Operating System where the threat event notification appeared. Options include Android or iOS.
    • Enter the version. The version refers to the specific release or update number of the OS, such as Android 11 or iOS 14.4.
    • Select the mobile device manufacturer (e.g., Apple, Samsung) to which the threat event notification appeared.
    • Select the Device Model to ensure the resolution matches the client’s device, such as the Samsung Galaxy S22.
  4. Enter the Detection Date range.
    Note: You can view events up to six months back.
  5. Click the Get Resolution button to see the relevant remediation.
    Enter Threat Code
  6. View the Publisher Info about the mobile app, including:
  7. View the Mobile Defense Details.
    • Defense Type: Mobile Malware Prevention
    • Defense Name: Block Custom Frida
    • Reason: Protect app IP and prevent data leakage
    • Triggered On: Active Custom Frida on Android Device
    • Threat Event: No
    • Policy: Appdome Defense
    • Support REF: 6905-1
    • Notification: MyAndroidApp detected the use of Frida or a similar tool. To protect you, the app will close.
  8. Read through the Threat Description
    • Provides an overview of the threat and its potential impact on the mobile app.
      Threat Description
  9. How to Find the Threat
    • Utilize the step-by-step instructions on how to find the threat on the mobile device.
      How To Find The Threat
  10. How to Disable/Remove the Threat
    • Includes detailed step-by-step instructions on how to remove/uninstall the threat from the mobile device.
      How To Remove The Threat
  11. Download Resolution Details
    • For documentation, compliance, or sharing purposes, download your resolution details as a PDF. This helps streamline reporting and allows you to archive information for future reference.
      Download Threat Code Resolution Results As A Pdf

Managing Recent Resolutions

The Recent Resolutions section provides powerful tools to help you organize and access past threat resolutions efficiently:

  • Pin Important Resolutions: You can pin up to three resolutions at a time, making it easier to reference commonly needed solutions quickly.
  • View Recent Activity: Access up to 30 of your most recent resolutions. Each entry includes a “Query Made By” field, indicating the team member who initiated the resolution, which improves traceability and team collaboration.
  • Rename Resolutions: Customize the names of your saved resolutions for easier identification. This is especially helpful when managing a high volume of threat cases.
    Recent Resolution options include Query Made By, Pin resolution and rename resolution

Related Articles:

How Do I Learn More?

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.

Appdome

Want a Demo?

Threat Resolution Center™

TomWe're here to help
We'll get back to you in 24 hours to schedule your demo.