DexGuard

Description

With extensive Android app obfuscation & security protocols, DexGuard provides the most comprehensive mobile app protection available. Secure your Android apps & SDKs through multiple layers of code hardening & RASP.

 

DexGuard has been designed to streamline the secure software development lifecycle and make developers’ lives easier while still providing robust protection.

 

  • Optional DexGuard NDK Add-On: The DexGuard NDK add-on extends all the protection offered by DexGuard – including multi-layered Android app code obfuscation, data obfuscation and RASP integration – to included C/C++ native libraries.

 

  • Protection Report: DexGuard generates a Protection Report for each mobile app build that incorporates its protections. This report validates and assesses the applied protections, grading your app’s security configuration against key risk categories, providing further recommendations to improve security efficacy and surfacing potentially beneficial features to activate.

 

  • Backwards compatible with ProGuard: When upgrading from ProGuard (or R8) to DexGuard, you can re-use your existing ProGuard configuration file. All you need to do is account for DexGuard’s additional functionality, including its RASP and obfuscation capabilities.

 

Defend against static analysis

If a threat actor decompiles your app, DexGuard ensures that your code will be as resistant to reverse engineering as possible. DexGuard provides obfuscation for classes, fields, arithmetic instructions and more; code virtualization; API call hiding; and many additional security features. Crucially, DexGuard’s protection is polymorphic – each app build has a different Android obfuscation configuration, preventing a threat actor from reusing their prior knowledge.

 

 

Counter dynamic analysis

DexGuard automatically injects runtime application self-protection (RASP) checks, preventing threat actors from tampering with apps at runtime. What’s more, each build features different RASP checks in different locations, ensuring threat actors can’t reuse prior knowledge. DexGuard injects checks like root detection, certificate checks, hook detection and more.

 

 

 

How it works

Learn more about the Android app security techniques, practices and technology DexGuard uses to keep your mobile apps safe.

 

Mutually reinforcing security layers

A force multiplier for your app’s security

 

DexGuard’s defenses against static and dynamic analysis reinforce one another, providing more robust protection overall than any individual approach would offer. When a malicious user runs your app from a debugger or emulator to validate their static analysis, RASP checks kick in to end the user’s session, crash the application and deploy other defensive actions. Furthermore, DexGuard obfuscates each of these checks, preventing an attacker from learning where and how the application is detecting integrity violations.

 

Diverse, broad, and polymorphic protection

Comprehensive and evolving security

 

If each of your app’s builds apply the same defenses in the same locations, an attacker will easily decipher your app’s internal logic and will know where the most sensitive information lies. That’s why DexGuard hardens broad swathes of your app’s code and draws on a diverse library of integrity violation checks to prevent an attacker’s progress. Because these code hardening and RASP techniques are applied polymorphically and automatically, no two builds feature the same protections. Thus, every build resets the clock on attackers, rendering their previous knowledge useless.

 

Code optimization

Improve performance and reduce size

 

In addition to providing protection against threat actors, DexGuard also shrinks apps and improves their performance. DexGuard removes redundant code, logging codes and metadata, unused resources and native libraries

 

 

 

Responsive support

We’ll ensure your DexGuard implementation is comprehensive and tailored to your needs. Afterwards, we provide two levels of support based on your needs.

 

Basic support

Rely on the Guardsquare team for bug fixes and setup support at no additional cost.

 

  • Installation and setup support
  • Bug fixes
  • Response within 3 business days
  • Email support

 

Gold support

Gain expert-level access to the Guardsquare knowledge base as well as executive technical and business review.

 

  • Installation and setup support
  • Bug fixes
  • Project-specific support
  • Configuration optimization
  • Response within 1 business day
  • Email and phone support

Datasheets

  • Datasheet 1

Video



Categories


Partners: Guardsquare

Products: Mobile Application Security