Alice - Threat Reporting and Telemetry
Using Alice with DexProtector
Once your app has been released, DexProtector continues to monitor its security as it is being used anywhere in the world, with all data about risks, threats, and attacks being sent automatically to your account in Licel’s Attack Telemetry and Threat Intelligence Service (Alice).
Alice offers an easy-to-use dashboard where you can keep track of key incidents as they occur, including any cases of HTTP public key pinning anomalies, tampering, and crashes. You can view these incidents according to when and where they took place, and you can tailor the output data to suit your reporting needs.
DexProtector and Alice can also work in combination with your own risk analysis system, so that you have the security monitoring information you need in the form that works best for your organization.
The result is that you have an easy-to-use overview of every incident, from the moment it happens; a flexible search tool which sorts by attack type and content; and notifications every time DexProtector’s defences are triggered.
Getting started with Alice
1. Get login credentials for Alice
2. Copy the API key for Alice integration
Log in to alice.licelus.com with the username and password you have received. On the Alice start page, you will find a unique automatically generated key that you can use to integrate Alice when configuring DexProtector.
3. Enter the API key in the DexProtector configuration file
Use DexProtector Studio or edit the configuration file directly by adding the
<reportMonitoring> element and
<apiKey> nested element, as follows:
' <reportMonitoring> <apiKey>137feb09-f390-4f00-b43f-ebccf530adf6lt</apiKey> </reportMonitoring>
4. Protect the application and get the first reports
Protect your application using the modified configuration file. Your Alice API key will be integrated into the application during DexProtection. Then, when the application detects a threat, a report will be signed in to Alice using this key. If your key is compromised for any reason, you can generate a new key in Alice and block the old one. You will be able to generate an incident yourself or wait for real incidents. While there are no incidents, Alice displays only the start page and a demo project. As soon as new incidents occur, your application will report to Alice automatically.