Security software glossary

App tampering refers to unauthorized modifications made to an application’s code or operational environment to alter its behavior, bypass security measures, or manipulate its functions. This can include changes to the application's binary, the injection of malicious code, or modifications to its runtime environment.

Learn more about app tampering.

Vulnerable mobile devices and the prevalence of the Internet of Things (IoT) have created an urgent need for application hardening. By implementing hardening measures, you protect your apps against reverse engineering, tampering, and malware attacks

Read more about application hardening and the different methods of protecting your app. 

An API is a set of rules and protocols that allows software applications to communicate with one another. APIs facilitate data sharing across platforms, cloud services, and devices. But APIs are also prone to security risks like API abuse, attacks, and scraping.

Read more about APIs (Application Programming Interfaces) and how to protect them from attacks.

Application shielding should be your first line of defence when securing your apps. Key benefits include protection from the inside out, reduced risk of attacks, and real-time adjustments to stop potential attacks.

Learn more about how application shielding works and how it safeguards your application. 

Attack vectors are specific tools and strategies that malicious actors use to infiltrate systems, networks, or applications to exploit vulnerabilities. They focus on how at attack is executed and represent individual entry points to compromise a system, like malicious links in emails, infected apps, and an insecured Wi-Fi connection.

Learn more about attack vectors and how to secure yourself against them.

Certificate pinning is a security technique that increases secure communication over the TLS (Transport Layer Security) protocol, like HTTPS. It ties a chosen TLS certificate or public key exclusively to the API server, allowing the application to reliably confirm the server's identity each time it connects.

Read more about certificate pinning and how it ensures an additional layer of security and server communication integrity.

Developers use code obfuscation techniques to prevent cybercriminals from decompiling and reverse engineering source code. There are various types of obfuscation techniques which when combined with runtime protection make your app safer.

Read more about how code obfuscation protects an app’s source code.

Continuous integration (CI) and continuous delivery/ continuous deployment (CD) automate code change integration and deployment to production environments. This ensures frequent, reliable updates with minimal manual intervention.

Read more about how CI/CD and how organizations deploy it to streamline processes.

Developers use debuggers to analyze the behavior of applications in real time. While debuggers help you detect bugs and fix issues, they can also exploited by attackers to exploit vulnerabilities, bypass security controls, reverse engineer the app, and tamper with its logic.

Learn more about debuggers and how you can implement various anti-debugging tactics.

Code deobfuscation is a technique used to reverse obfuscated code, that is, intentionally hidden code. Developers obscure code to disguise the true logic of the program and protect it from reverse engineering and other attacks. Deobfuscation reverses this to reveal the original code for analyzing and understanding it.

Learn more about code deobfuscation and the current limitations of AI deobfuscators in effectively reversing obfuscated code.

Device cloning is the unauthorized duplication of a mobile device's identity attributes used to create a copy of the original device. It allows malicious actors to impersonate the original device's owner, potentially leading to identity theft and fraud.

Learn more about device cloning.

An emulator mimics a mobile device's hardware and software so that you can run the app on it as if it were on an actual physical device. But bad actors often use emulators to manipulate apps, bypass security measures, and abuse your API.

Learn more about emulators.

Encryption converts your sensitive plaintext data into a coded ciphertext that can only be read by someone with the proper decryption key. This prevents unauthorized access and ensures that even if data is intercepted, it cannot be deciphered without the decryption key.

Read more about how encryption works and what makes an encryption algorithm strong.

A false positive occurs when security systems incorrectly identify legitimate, non-harmful activity as a threat, and generate an alert or block the action. They are common in tools like antivirus software and email filters. False positives create unnecessary alerts that can overwhelm security teams, diverting attention from real threats.

Read more about false positives.

Hooking frameworks let you intercept and modify a mobile application’s behavior at runtime. While commonly used for debugging, testing, and performance monitoring, they also come with significant risks if exploited.

Read more about hooking frameworks and how to mitigate associated risks.

Jailbreaking is the process of exploiting vulnerabilities in a device's software to remove manufacturer-imposed restrictions. This allows the user to gain root access to the operating system, enabling the installation of third-party applications, custom firmware, and other modifications not officially sanctioned by the device manufacturer.

Read more about jailbreaking.

Keylogging, short for "keystroke logging," is a method of secretly recording keystrokes made on a computer or other input device, like a keyboard. Malicious software use it to track and monitor user activity without their knowledge or consent to capture sensitive information.

Learn more about keylogging.

Malware is any malicious software designed to harm or exploit devices, often stealing sensitive information or disrupting services. On mobile platforms, it can take the form of ransomware, trojans, or spyware, making security measures essential.

Read more about how malware impacts mobile devices and how to stay protected.

A malware injection inserts malicious code into your apps to steal data and impact performance. Malicious actors inject malware by exploiting vulnerabilities, tampering app code, and using compromised development tools.

Read more about the signs and symptoms of an injection attack and the security measures to prevent malware injection into your apps.

MitM attacks exploit vulnerabilities in communication channels, where attackers intercept and manipulate data in real time to steal data and other personal information by impersonating a trusted entity. Common MitM types include Wi-Fi eavesdropping, HTTPS spoofing, and DNS hijacking.

Read more about MitM attacks and how to detect these attacks.

As applications are progressively connected to the cloud and are available over various networks, they are increasingly vulnerable to security threats and breaches. The evolving cybersecurity landscape requires businesses to protect their apps from the inside out.

Read about mobile app security technologies and best practices.

Mobile app security testing (MAST) helps secure your mobile apps against vulnerabilities that malicious actors can exploit to compromise user data, privacy, and system integrity. It involves analyzing the code, app behavior, and app environment to identify vulnerabilities so that your mobile apps can stay safe from cyber threats.

Read about mobile app security testing and its techniques.

The Open Worldwide Application Security Project (OWASP) is a global non-profit organization working towards improving software. Key OWASP initiatives are standards and guides to help developers identify security gaps, ensure compliance with best practices, and build resilient software.

Read more about OWASP and its standards here.

Penetration testing simulates cyberattacks to identify vulnerabilities before attackers can exploit them. It helps strengthen the security of mobile apps and systems by assessing how they can be breached and provides actionable insights for fixing weaknesses.

Read more about how penetration testing enhances mobile app security.

Repackaging a mobile app is the malicious practice of modifying legitimate apps to include harmful elements like malware. It involves accessing the app's source code, inserting malicious code, and redistributing.

Find out more about repackaging, if iOS apps are less susceptible to this than Android apps, and how you can prevent your app from being repackaged.

Security researchers reverse engineer code to map security risks, understand malicious applications and disrupt them. Researchers are not the only ones doing this. Bad actors also want to find flaws and vulnerabilities through reverse engineering. Potential impacts include intellectual property theft, reputational damage, identity theft, and compromised backend systems.

Learn more about reverse engineering techniques and how to protect your mobile apps. 

Root detection is a security measure in Android apps that detects if a device is rooted, that is, gained root access and can bypass manufacture-imposed restrictions. Rooted devices are vulnerable to malware and unauthorized access. To prevent your app from running on insecure and rooted devices, you can implement root detection mechanisms.

Read more about root detection and its methods.

Rooting refers to gaining root access or administrative privileges on an Android device, like access to commands, system files, and folder locations usually locked off. This allows users to overcome limitations imposed by the device manufacturers or carriers, enabling the modification of system settings and installation of apps that require root access. Rooting can enhance device functionality but also poses significant security risks.

Read more about rooting.

One way of dealing with cyber threats is to let your apps protect themselves. By using runtime protection, your apps can surround themselves with a shield that identifies and blocks cyberattacks in real-time.

Read more about how runtime application self-protection makes your apps protect themselves. 

Security posture is your organization's resilience against cyber threats by assessing the effectiveness of your security controls. Improving security posture needs regular evaluation and assessments, updates to security policies, and adapting to emerging threats.

Read more about security posture and how you can assess it.

Sideloading allows you to install apps from sources outside the official app stores, bypassing security checks. While it gives you access to apps not available in your region, it also increases the risk of malware and other security threats.

Read more about how sideloading affects your device’s security.

Software development kits (SDKs) are toolsets that help developers create apps on platforms like iOS or Android. They provide building blocks, like code libraries and API interfaces to integrate native device functionalities and third-party services.

Read more about what is an SDK, its components and how to secure it.

Threat modeling is a structured process that analyzes potential security threats in a system, application, or process. It helps developers predict how attackers might exploit weaknesses and plan measures to counter that in the development liefcycle.

Read more about threat modeling and its frameworks.

Tokenization involves taking a piece of sensitive data and replacing it with a randomly generated string, called a token. This token has no relation to the original data outside of the secure tokenization system.

Read more about how tokens are generated and how tokenization can help protect your apps.

Every application that processes encrypted information uses cryptographic keys to decrypt and encrypt incoming and outgoing data. Hackers can easily lift unprotected keys through reverse engineering, memory analysis, side-channel attacks, and other techniques. This is where white-box cryptography comes in.

Read more about how white-box cryptography technology embeds secret keys.