Arxan Technologies, provider of application protection solutions, has announced expanded solutions for IBM Security’s AppScan and Trusteer products. The latest release of IBM Security AppScan Source (v9.0.1) includes Arxan’s risk identification rules that enable IBM customers to assess whether their mobile applicationsare vulnerable to reverse-engineering, tampering, and application integrity attacks. This integration enables organizations to apply a ‘Scan+Protect’ approach to securing mobile applications before they are released “into the wild.” Additionally, Arxan’s mobile application protection now workswith IBM Security Trusteer Mobile SDK to provide a comprehensive solution to prevent hacking attacks, fraud, and malicious exploits.
These enhanced IBM/Arxan joint solutions come at a crucial time for organizations deploying mobile applications and striving to safeguard them from security threats. . Gartner reports that “more than 75 percent of mobile applications will fail basic security tests through 2015” and advises Chief Information Security Officers (CISOs) to “make application self-protection a new investment priority, ahead of perimeter and infrastructure protection”. Adoption of application self-protection is projected to grow significantly: Gartner estimates that “by 2020, 25% of Web and cloud applications will become self-protecting, up from less than 1% today”2.
IBM has re-sold Arxan’s solution since June 2014 and has seen strong response to the integrated Arxan/IBM proposition. For example, one of the largest U.S. financial services organizations has made a significant investment in protecting its mobile applications against compromise, reverse engineering, and exploits with the patented IBM/Arxan solution.
With the v9.0.1 release, IBM Security AppScan Source analysis rules address a number of new risks that are unique to mobile apps, including exposure to tampering and reverse engineering. These rules inform mobile app developers about the types of confidentiality and integrity binary risks that applications are exposed to after their release and deployment. The solution also provides recommendations on how to protect mobile applications from such attacks. This intelligence can be leveraged by customers using Arxan Application Protection for IBM Solutions, which seamlessly injects security controls (guards) into the binary code to make the mobile app self-defending and tamper-resistant. The combination of IBM Security AppScan and Arxan brings a unique ‘Scan and Protect’ strategy for mobile application security, which enables a consistent, scalable and holistically approach to securing sensitive applications.
In addition, Arxan and IBM have collaborated to offer a comprehensive approach to prevent the compromise of mobile applications, fraud, and APT exploits. IBM Security Trusteer Mobile SDK provides a mobile solution that detects high-risk access from compromised or vulnerable devices, and enables server-side correlation of device and account risk factors across online and mobile channels. Arxan’s application hardening and run-time protection solution protects the application itself to ensure its integrity and confidentiality. These two offerings can now work together to provide organizations with enhanced mobile security.
“The integration of IBM and Arxan’s products helps us provide our customers with advanced application protection solutions to help them protect applications from hackers and malicious exploits,” said Larry Gerard, Program Director of Application Security Product Management at IBM. “The combined capabilities of these solutions enable enterprises and application developers to build trust into their applications and embrace the full potential of mobile application innovation.”