BETHESDA, MD -- (Marketwired) -- 06/10/14 -- Arxan Technologies, the industry-leading provider of software security solutions that protect the App Economy today announced that Arxan's mobile application protection offerings will now be sold by IBM as part of its portfolio of security products. Arxan Application Protection for IBM Solutions enables run-time protection, self-defense, and tamper-resistance inside mobile applications that run on all major platforms (including Apple iOS, Android, Windows Phone, Blackberry, and Tizen) by defending, detecting, and reacting to attacks and exploits. Enterprises and application developers are now able to leverage IBM's security solutions portfolio to build and keep applications secure with the seamless integration of App Hardening and Run-Time Protection into their mobile application security strategies.
Many leading application security consultancies and penetration testers recommend implementing protection against runtime manipulation and reverse engineering. Similar security advocacy is being echoed by respected analyst firms such as Gartner that states that, "for critical applications, such as transactional ones and sensitive enterprise applications, hardening should be used."(1) Yet, according to OWASP (The Open Web Application Security Project), 86 percent of mobile apps that were tested lacked binary hardening, leaving them vulnerable to information disclosure and other exploits. This has led to OWASP identifying "Lack of Binary Protections" as part of its Top Ten Mobile Risks announcement in 2014.(2) Moreover, recent research found that 78 percent of top mobile apps have been turned into hacked versions, showing how the hostile environment is now "the new normal" for un-protected apps.(3)
In contrast to centralized web environments, mobile applications live "out in the wild," on a distributed, fragmented, and unregulated mobile device ecosystem. Binary code in mobile applications can be directly accessed, examined, modified, and exploited by attackers, if not properly protected. This new environment attracts a number of new threats that are addressed by Arxan's proprietary, binary-level "guard" technology.
"Blocking hacking attacks on mobile applications requires a new layer of proactive security," said Mike Dager, CEO, Arxan Technologies. "Traditional application security practices alone, including safe coding practices, are no longer sufficient to protect mobile applications from these new binary vulnerabilities, as even flawless code can be reversed, modified, manipulated at run-time, or repackaged and distributed. With so much riding on pristine execution of applications, and so small a barrier for hackers to compromise the integrity and confidentiality of the applications, businesses are at significant risk for brand compromise, intellectual property loss or financial damage unless they include App Hardening and Run-Time Protection in their security approach.
"Arxan's App Hardening and Run-Time Protection serves a crucial role to protect applications from hackers and malicious exploits," said Caleb Barlow, Director of Application, Data and Mobile Security, IBM. "With the addition of Arxan, we offer clients a more integrated approach to security with a comprehensive solution portfolio from one vendor (IBM) to secure mobile applications. With IBM AppScan, we help clients build safe code during development and with Arxan, we help keep applications protected after their release and deployment out into the wild."
The combination of IBM AppScan and Arxan, in particular, brings a unique 'Scan and Protect' strategy for mobile application security, thus enabling a consistent, scalable approach to securing sensitive applications holistically. Arxan Application Protection for IBM Solutions is available via IBM's standard customer purchasing programs, such as IBM Passport Advantage, through IBM sellers and business partners. Arxan Application Protection support will be provided by IBM (through its first-line support offering, IBM Elite Support) and Arxan.
Arxan Application Protection for IBM Solutions is available from IBM in two versions:
- The "Consumer and ISV" version is for protecting external-facing applications, such as business-to-consumer (B2C) and business-to-business (B2B) applications, as well as packaged software applications produced by independent software vendors (ISVs)
- The "Enterprise Internal" version is for protecting internal-facing applications for employees and contractors of an enterprise (B2E applications)
For more information about the Arxan solution or to request a complimentary Arxan evaluation or proof of concept, please contact an IBM representative or email email@example.com. More information is available here. A short video that provides additional information about the application risks and solution is provided here.
ABOUT ARXAN TECHNOLOGIES
Arxan protects the App Economy from attacks in distributed or untrusted environments with the world's strongest and most deployed application protection products. Among today's diverse computing platforms, mobile and tablet apps and packaged or embedded software are all exposed to hacking attacks such as reverse-engineering, tampering, insertion of malware/exploits, repackaging, fraud, intellectual property theft, and piracy. Arxan's unique patented Guarding technology enables sensitive or high-value applications to proactively guard their own integrity by defending, detecting, alerting, and reacting to hacking attacks through a risk-based, customized protection. Arxan's self-defending and tamper-proof applications are deployed on more than 300 million devices by leading Fortune 500 organizations in high-tech, ISV, financial services, digital media, gaming, healthcare, and other industries. Arxan Technologies is headquartered in the United States with global offices in EMEA and APAC. Visit us at www.arxan.com.
Follow Arxan: Protecting the App Economy
(1) Avoiding Mobile App Development Security Pitfalls, 24 May 2013, Gartner
(2) Top Ten Mobile Risks, 24 February 2014, OWASP (The Open Web Application Security Project)
(3) Arxan's State of Security research