AppSec Santa

Talsec - Mobile app security

Summary

Talsec offers a multi-platform SDK that focuses on app shielding, API protection, and network traffic control. It enables you to combat reverse engineering attempts, session hijacking, or brute force attacks.

11 min read

Talsec Dashboard RASP

What is Talsec?

Talsec offers advanced security solutions to protect mobile applications from attackers and ever-evolving threats.

You can monitor and analyze critical security data of your application environment on a Dashboard and react swiftly to any incident.

For device diagnostic and vulnerability scanning, you can use CybeTribe Mobile Security Diagnostics.

Talsec appicrypt cryptogram

The main tools include AppiCrypt, Flutter security for hybrid apps, and RASP with the free community and paid business versions.

What is AppiCrypt?

Talsec AppiCrypt makes protecting your back-end API easy by employing the mobile app and device integrity state control, allowing only genuine API calls to communicate with remote services.

AppiCrypt provides additional protection by generating a unique cryptogram evaluated by a script on the back-end side, detecting whether RASP was overcome.

This approach makes AppiCrypt hard to break. In addition, it's also lightning-fast and easy to integrate.

Talsec AppiCrypt

What is Free RASP?

FreeRASP provides multi-platform and all-in-one protection for mobile applications free of charge.

It is easy to set up and use, with a single programmable API allowing you to react appropriately to detected threats. As a multi-platform tool, freeRASP offers custom detections for both Android and iOS applications.

Talsec FreeRASP

In addition to ensuring app integrity and runtime protection, you will also receive security reports each week about the state of your security.

The report gives a quick overview of the security incidents and their dynamics. Additionally, it contains anonymized information about the security state of devices, such as OS version or the ratio of devices with screen locks and biometrics.

Talsec RASP

With the Business version of Talsec RASP, customers have a personalized version of the Talsec library build, which is uniquely bound to the customer's application.

The full version offers improved protections and new security checks designed to prevent overlay attacks or abuse of accessibility services.

Security hardening suite further limits attackers' options, with dynamic certificate pinging, string obfuscation, and secure storage of application data.

As cyber threats constantly change and improve, we collect relevant data and send them to cloud storage for evaluation and valuable security insights.

Data is visualized at the Kibana portal in dashboards, with meaningful interpretations of incidents, with options for auditing and monitoring.

All data are accessible through the REST API, so you can work with them as you see fit. A real-time attack watcher can notify you of serious incidents to stop any dangerous attack in its tracks. All of our cloud services are highly customizable for the best user experience.

Flutter Security

Flutter's recent rise in popularity also brings it more attention from the attackers. To prevent them from stealing your work or confidential information, you need to employ some form of protection.

The Flutter Security suite is a RASP plugin that protects your app from common threats such as tampering, repackaging, or running on a rooted device. It contains multiple detections, updated as new threats arise.

Users can decide how to react to detected issues when implementing a response, taking into account the different security requirements of mobile apps. It is designed to be easy to use, with a focus on the developer experience. All you need to do is import it and just set up the configuration and callbacks.

It comes in two versions. You can get the free one right now at pub.dev/packages/freerasp, and if it suits you, upgrade to Business later. The Business version contains even more detections, includes insights based on the collected data, and allows you to get real-time alerts for incidents. It also works very well with the AppiCrypt, for more complex protection.

Android Traffic Control

Android Traffic Control is a network monitoring and control tool for Android POS and Kiosks. It prevents zero-day exploits, malicious third-party apps, and API abuse from affecting your devices.

The application firewall, its main feature, enables you to block untrusted or potentially malicious apps, uncover hidden traffic, and control its flow. You can easily maintain separate device fleets for different vendors, sites, or customers with remote traffic monitoring and configure your firewall according to your needs.

On this page:

Leave a Reply

Your email address will not be published.