How to use ThreatScope™ - Threat Dynamics

Last updated February 4, 2025 by Appdome

Overview of Threat Dynamics

Threat Dynamics is an advanced feature within ThreatScope™ that leverages AI-powered analytics to provide actionable insights into your app’s security posture. By calculating a dynamic “Threat Score” for your app, this feature enables you to understand your app’s risk level compared to global benchmarks and similar apps in categories like Finance, Banking, and Gaming. Threat Dynamics equips you with the tools to proactively monitor threats, address vulnerabilities, and make data-driven decisions to strengthen your app’s defenses.

With Threat Dynamics, you can:

Measure your app’s security status using the Threat Score, a numerical representation of risk.
Compare your app’s performance against global and industry-specific benchmarks.
Analyze key metrics like Infection Rate, Frequency, and Velocity to identify and mitigate emerging threats.
Gain real-time insights through dynamic data visualizations, helping you respond to threats effectively.

Key Features of Threat Dynamics

Threat Score: A calculated risk score ranging from 0-100 that helps assess the current security status of your app.
Gauge Display: A visual indicator of your app’s Threat Score, categorized into actionable ranges:
- 0-69 (Normal): No significant risks detected.
- 70-84 (Review): Potential risks identified, requiring further analysis.
- 85-100 (Act): High-risk threats detected, necessitating immediate action.
Deviation/Benchmark Cards: Provides comparative insights, including:
- Benchmark: The global benchmark standard score is based on global data, allowing you to understand how your app compares against worldwide security averages.
- Cohort Spread: Measures variability among similar apps.
- Z-Score (Above/Below): Indicates deviation from the global mean.
Risk Drivers: Detailed metrics for deeper analysis of infection trends, attack frequency, and velocity of changes.
Dynamic Data: Comprehensive breakdown of threat-related metrics and trends visualized for each attack stream.

Prerequisites for Using Appdome’s Threat Dynamics:

Before using Threat Dynamics, ensure you meet the following requirements:

Appdome account (create a free Appdome account here)
A license forThreatScope™
A license for Threat Dynamics
Mobile App (.ipa for iOS, or .apk or .aab for Android)
Signing Credentials (see Signing Secure Android apps and Signing Secure iOS apps)

How to Use Threat Dynamics

Step 1: AccessThreatScope™

Log in to your Appdome account.
Navigate to theThreatScope™ dashboard.

Step 2: Open the Threat Dynamics Tab

Locate the Threat Dynamics tile within the ThreatScope™ dashboard.

Step 3: Review the Threat Score

Observe the gauge display in the center of the tile. The Threat Score ranges from 0-100:

0-69 (Normal): No significant risks detected. No immediate action is required.
70-84 (Review): Moderate risks detected. Review and analyze your app’s security.
85-100 (Act): High risks detected. Immediate action is needed to mitigate threats.

Step 4: Analyze Deviation/Benchmark Cards

Understanding Deviation/Benchmark Metrics

Benchmark: The benchmark which is dependent on the current distribution of scores helping you understand where you are compared to other apps.
Cohort Spread (Standard Deviation): The range of Threat Scores within similar apps. A slight standard deviation indicates consistent security levels across apps, while a large spread suggests significant variability.
Above/Below (Z-Score): Measures how far your app deviates from the global average, expressed in standard deviations. A positive Z-Score indicates better-than-average security, while a negative score suggests weaker performance.

Step 5: Explore Risk Drivers

Detailed Explanation of Risk Drivers

Infection Rate:
- Definition: Proportion of app installs impacted by threats.
- Formula: Number of infected installs / Total installs
- Example: If 1,000 devices have installed your app and 100 are infected, the infection rate is 10%.
- Significance: Highlights the spread of threats within your app’s user base.
Frequency:
- Definition: Number of attack events per user session over a given period.
- Example: If there are 50 attack events across 25 sessions, the frequency is 2 attacks per session.
- Significance: Indicates how often threats are targeting users.
Velocity:
- Definition: Speed at which the infection rate is changing over time.
- Example: If the infection rate increases from 5% to 10% over a month, velocity indicates an accelerating trend.
- Significance: Identifies emerging threats that may require urgent intervention.
Deviation:
- Definition: Difference between your app’s Threat Score and the average score for similar apps.
- Example: If the average Threat Score is 75 and your app’s score is 90, the deviation is +15.
- Significance: Shows how your app’s security compares to peers.
Change:
- Definition: Net difference in threat metrics compared to the last measurement period.
- Example: A decrease from 60 threats to 50 indicates a -10 change, showing improvement.
- Significance: Tracks progress in threat mitigation or escalation.

Types of risk drivers

Step 6: Leverage Dynamic Data

Dynamic data visualizations allow you to:

Track trends in infection rates and attack patterns.
Analyze frequency and velocity metrics for different attack streams.
Gain actionable insights to address emerging threats proactively.
View the top attacks affecting your mobile apps.

Next Steps

Use Threat Dynamics to gain actionable insights into your app’s security status.
Monitor dynamic metrics regularly to detect and address threats proactively.
Upgrade your license for additional advanced features if necessary.

How Do I Learn More?

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission of your project.