Immunize apps against XcodeGhost and other harmful 3rd party code

AppDome, the market leader in mobile application protection, announced today that mobile app owners who use AppDome, its dynamic application App Fusion, can consider their mobile app immune to the XcodeGhost attack vector.

A vulnerability aimed at exposing data-at-rest, XcodeGhost infects the iOS compiler and compromises an app before it even makes it to the App Store. This is a significant security issue for financial services companies and other enterprises who own mobile apps, many of which store customers’ personal data and server login information.

App fusing is a process that provides an extra layer of security once a mobile app’s development and testing phases are complete. AppDome’s AppDome provides protection against a wide range of threats, including OS-related issues and use of malicious or privacy- infringing 3rd party SDKs or plugins.

“As with XcodeGhost, app developers use 3rd party code to streamline the development process – which often includes either malicious, vulnerable or privacy-infringing code without their knowledge,” says Avi Yehuda,  Chief Technology Officer, AppDome.

“While secure coding is essential to any mobile app security strategy, it’s clear that companies need a consistent, high-security, tool-based approach that doesn’t impede release cycles or app performance.”

The company’s multi-layered App Fusion solution implements pharming prevention  across all communication channels. As a result, once malicious code is detected, the appropriate preventative action is automatically applied by the App Fuse. In this specific case, it acts to nullify the impact of the XcodeGhost threat.

About AppDome

AppDome provides an essential shield that secures enterprise and consumer-facing apps from advanced cyber threats, mobile fraud and data leakage. Recognized by Gartner as a 2015 Cool Vendor in Mobile Security, AppDome helps organizations find the right balance between security and usability in the mobile threat landscape.

AppDome’s dynamic App Fusion solution is based on the application binary level, which completely eliminates the need for source code modifications and SDK integration during the development life cycle.

The company’s dynamic app protection technology is used by the world’s leading financial, healthcare and eCommerce enterprises to ensure productivity, compliance, and security for consumers and employees.

For more information on mobile App Fusion and threat mitigation, visit www.appdome.com.

 

Avita Flit

Have a question?

ask an expert

TomWe're here to help
We'll get back to you in 24 hours to schedule your demo.

Quick Links

Latest Press Releases

Search Appdome Solutions

Search
Blog Post Ciso 5.0

CISO 5.0 – Cyber as a Business Function

Cybersecurity has undergone a profound transformation over the past two decades. Once a narrowly scoped discipline focused on control and compliance, the Chief Information Security Officer (CISO) role has…

Blog Post Why Cyber Platforms Matter

Why Cyber Platforms Matter in Your AI Strategy

Palo Alto Networks and Crowdstrike have made it clear that platforms are the right strategy for cyber defense initiatives. And platforms do offer a lot of advantages over manual defense options – faster time to market, just-in-time defense, better compliance …

Blog Post White Box Cryptography Is A Sham

White-box Cryptography is a Sham

I’ve worked with our cyber research team, providing assessments of mobile apps for mobile banks and brands, and it always surprised me to see that API endpoints and API…