As I wrote in my last blog post, at Appdome we constantly revisit and improve our security features.
Attacks can happen on every Wi-Fi network a mobile phone connects to. What's most troubling is that Wi-Fi attacks do not require any physical access to the app or the mobile device.
In our most recent release, we put extra emphasis on our Secure Communication solution and added more features, granularity and options to our Trusted Session Inspection implementation. As a result, we are proud to say that Appdome has made mobile MiTM attacks impossible.
How We Make Mobile MiTM Attacks Impossible
We made Mobile MiTM impossible by enforcing the following:
Enforce TLS Cipher-Suites allows our customers to limit the TLS cipher suites used in the secure handshake. Specifically, customers can approve any subset of the 350 possible cipher suites. As a result, only network connections using the approved cipher suites will be accepted by our Trusted Session Inspection engine.
Enforce TLS Versions allows our customers to limit network connections to approved SSL/TLS versions only. Older versions are susceptible to known networking attacks: attacks like POODLE and BEAST rely on exploiting weaknesses of older implementations of TLS.
Enforce Certificate Roles allows our customers to increase their trust in server-side certificates. Appdome's code verifies that leaf certificates do not sign other certificates. In the knowledge base, there is a detailed explanation of this attack and the way to defend against it. Enforcing the certificate role of every certificate on every network connection hardens those connections. As a result, this helps make sure that mobile MiTM attacks are virtually impossible.
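The certificate-role check described above can be reproduced with any standards-compliant X.509 validator. The following is an added example, not Appdome's code: it uses Go's standard `crypto/x509` package as a stand-in validator, and the certificates, host names and the `issue` and `demo` helpers are constructed for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed test certificate signed by parent (self-signed
// when parent is nil); isCA sets the basicConstraints CA flag, i.e. the role.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA:         isCA, BasicConstraintsValid: true,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER produced on the line above
	return cert, key
}

// demo verifies a normal root->leaf chain, then a certificate that was signed
// by that CA=false leaf, with the leaf offered as an untrusted intermediate.
func demo() (normal, signedByLeaf error) {
	root, rootKey := issue("constructed-root.example.test", true, nil, nil)
	leaf, leafKey := issue("app.example.test", false, root, rootKey)
	signed, _ := issue("api.example.test", false, leaf, leafKey)
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool()}
	opts.Roots.AddCert(root)
	opts.Intermediates.AddCert(leaf) // what the peer would present as its chain
	_, normal = leaf.Verify(opts)
	_, signedByLeaf = signed.Verify(opts)
	return normal, signedByLeaf
}

func main() { fmt.Println(demo()) }
```

The first result is nil because the leaf chains directly to the trusted root; the second is an error because the only path to the root runs through a certificate whose role does not permit signing.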
We keep updating our security features and standards as new vulnerabilities are found, so more to come.
In the meantime, get started with Appdome and protect your mobile apps from attacks.