This Knowledge Base article describes how the Appdome platform works in detail.
Appdome is a no-code mobile app security and development platform designed to add mobile app security or 3rd party SDKs to Android and iOS apps without coding.
Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps with a wide array of mobile app security defenses.
Services on Appdome are organized by category. Customers can implement their choice of discrete security features, bundles of features, or full SDKs into any iOS or Android app in minutes without any development work. For each implementation, customers can choose additional instrumentation features or optimizations that extend SDK functionality, overcome framework limitations, or enable customers to achieve app-specific use cases, behaviors or user experiences that are unique to a target app or environment. Appdome works with any iOS and Android app, no matter how the app was built.
Appdome is compatible with all iOS and Android apps out of the box, meaning you don’t need to modify or prepare an app to work with Appdome. Appdome supports all platforms, mobile operating systems, development environments and frameworks. Using Appdome you can instantly build new Android and iOS apps from scratch or add security and to any existing iOS/Android app (.apk, .aab or .ipa).
When customers complete a project on Appdome, the outcome is similar to (and in most cases better than) what you would achieve if a team of mobile developers had coded the functionality or SDK manually into the source code – except with Appdome, the outcome is guaranteed, instant, and doesn’t require any coding or specialized skills. Appdome doesn’t constrain your development choices, it liberates them. Appdome works with all apps – out of the box, no matter which framework or development environment was used to build the app. This means developers are free to build apps in any environment they wish (native ios, native android or any non-native frameworks like React Native, Xamarin, Cordova, Flutter, Ionic, Unity, etc). Customers select the features they want to implement (and/or build a template) When an Appdome customer clicks “Build My App,” Appdome leverages a microservice architecture filled with thousands of security plugins, and an adaptive code generation engine that matches the correct required plugins to the existing development environment, frameworks, and methods in each app.
The Appdome platform completes every implementation in less than a minute, leveraging a collective and cumulative body of knowledge, having completed hundreds of thousands of implementations across tens of thousands of apps. Every implementation benefits from all previous work, and our AI-enabled coding engine gets smarter and smarter with each click of the Build My App button. All this collective knowledge accrues to every customer, partner, app-maker, and SDK provider alike. This is a stark contrast from manual development or integration methods that rely on source code changes or manual development, and where knowledge is spread across individuals and no implementation ever benefits previous work.
Appdome’s technology leverages a massive body of accumulated knowledge on both the app side and the services side, and it implements the customer-selected services taking into account the existing app’s capabilities and bridging gaps to overcome incompatibilities between the app and the new services – Here are some details:
On the app-side, when customers add apps to their Appdome account, the AI engine performs an app structure and integrity scan. As part of this check, Appdome discovers which app development frameworks were used to build the app. Our algorithms also map the app’s structural and logical elements, its capabilities, frameworks, features, functions, methods, classes, libraries, APIs and 3rd party SDKs, etc. As a result of this scan, It builds a mapping of all 3rd party libraries (native and non-native) understanding the app’s resources, methods, control flows. It also understands how the app communicates internally and externally.
On the services (SDK) side, Appdome has built a large and diverse set of thousands of pre-built and reusable microservices across many different mobile service categories and SDKs. This information is stored and retained in our cloud platform and continuously updated. When customers click BuildMyApp, Appdome’s AI engine analyzes the set of features that the customer requested, performs a gap analysis between the app’s current capabilities and the new service/SDK, and then dynamically assembles and implements the relevant microservices in the right order – all while taking into account the existing app’s structure and logical flows and resolving any framework gaps, incompatibilities, and SDK limitations. The end result: A new app binary is produced within a minute which includes all the new functionality – all with no code changes, no SDK changes, and no changes to the environment or infrastructure in which the app operates.
If a mobile service, API, or SDK is listed on Appdome, that means Appdome’s AI algorithms have been ‘trained’ on how to implement the service into any iOS or Android app without human coding. There are no external dependencies, constraints, or prerequisites that require changes to the app. So there’s no prep-work or development work required before using Appdome. Present any app to the platform, and you can build mobile security into the app instantly – for all native and non-native frameworks.
The repository of knowledge accumulated by the Appdome platform (on both the app side and the services side) continues to grow and build upon itself. And the Appdome platform implements new functionality adaptively and selectively, resulting in consistent implementations of the customer-selected services, all implemented by the platform within the context of the app’s unique composition.
For practical examples of how Appdome overcomes framework limitations, read this blog.
For developers, Appdome exposes advanced instrumentation (as part of our Appdome-DEV offering) so you can build custom enforcement workflows inside mobile apps using Appdome’s threat intelligence framework (called Threat Events), which interact with the app’s own unique event structure and logic, giving customers a universal instrumentation layer across all development enviorments.
After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include:
Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome.
Appdome has been granted multiple patents for the “Fusion” process. You can learn more by reading Appdome’s blog about patents.
To zoom out on this topic, visit the Appdome Platform section on our website.