Appdome has recently released a product providing bot detection for mobile brands. MOBILEBot Defense combines bot detection and defense against bots, credential stuffing and account takeovers (ATOs) in mobile apps.

Appdome says that MOBILEBot Defense can be used with any web application firewall and unlimited API hosts or endpoints. They say that traditional anti-bot products struggle to keep pace with the evolving diversity and sophistication of mobile applications, and often consist of bot defense methods designed for web applications being used on mobile frameworks, leaving the mobile app developer to deal with the complexities this causes.

Chris Roeckl, chief product officer at Appdome, summarized the problem, saying:

"Traditional anti-bot products don't protect the connection, implementation and include only limited payload signals."

and explaining that MOBILEBot Defense is different because it's more comprehensive and imposes fewer requirements on the mobile developer.

It combines several defense methods, and comes with support for major mobile languages and frameworks, including Obj-C, C+, Java, JS, C#, C++, Swift, Kotlin, Flutter, React Native, Unity, Xamarin, and Cordova. Mobile device and connection risk detection covers over 150 threats including Android and iOS malware, hacking frameworks, instrumentation frameworks, jailbreak, root, Magisk, Zygisk, jailbreak bypass, and Man in the Middle (MiTM) attacks.

Deeper mobile bot detection methods of the software detect auto-tapping apps, keystroke injection, emulators, simulators, virtualization, dual space, second space, Android players, and accessibility malware. The software uses multi-layered fingerprinting methods to distinguish legitimate mobile apps from fake apps, trojan and malware-controlled apps and botnets.

Customers can choose what options are included in the anti-bot payload, including threat-event meta data such as the operating system and version, the DeviceID, threat-score, Mobile Threat-ID, detailed threat description, and the attack geolocation.

The detector also comes with prepackaged MiTM attack prevention via a hardened TLS, active MiTM attack prevention and mTLS pre-authentication to safeguard connections and the anti-bot payload in transit. It also has geo-spoofing defenses that look for geo-location spoofing and check for mismatches between variables such as time zone, longitude and latitude.

From a developer viewpoint, MOBILEBot Defense offers prepackaged bot defense shielding that binds its code to the mobile app, and prevents tampering, disabling, bypassing or spoofing anti-bot signals. It comes with full support for any industry standard web application firewalls, and the team says its no-code, no-SDK, fully automated delivery is purpose built for the mobile DevOps pipeline with no need for servers or proxies. It can be used on multiple hosts, URLs and API endpoints without added cost.

Appdome MOBILEBot Defense is available for Android and iOS mobile application and CI/CD pipelines and is available now.

More Information

Appdome Website

Related Articles

Appdome Adds GitLab Integration

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Comments

Make a Comment or View Existing Comments Using Disqus

or email your comment to: comments@i-programmer.info