DexProtector 12.5 has arrived. It comes with enhanced runtime check mechanisms and tools to mitigate supply chain attacks.
As we’ve said many times on this site, cybercriminals are always on the lookout for new ways to profit from vulnerabilities. They don’t stop, so neither can we.
Our reinforced runtime check capabilities are a reflection of this reality.
We’ve seen a growing trend recently of bad actors combining different dynamic analysis and privilege escalation tools. For example, they might use Magisk alongside Zygisk. Or they could use either of these tools together with Frida.
And so there’s now a pressing need to spot more subtle, better-hidden usage of rooting frameworks. That’s exactly what DexProtector 12.5 does. Its enhanced detection capabilities make sure that these tools can’t scrutinise the vital signposts within your application.
DexProtector’s runtime checks are now easier to set up, too. We know that a lot of you are using no-code and hybrid approaches to develop, so where you once needed to include some code to enable these checks, it’s now a simple check box instead. One click, and you’re secured.
Software supply chain attack mitigation
We recently published an article that explores why software supply chain attacks are so dangerous and advises on how to stop them.
Some of our recommendations in that piece are longer term and philosophical in nature. One example being the need to rethink our reliance on free, open source software. But in the short term there are ways to mitigate these attacks, and the latest version of DexProtector makes it even easier to do so.
There is now a functionality within DexProtector that allows you to check dependencies for vulnerabilities. That way you can make sure that no malicious code has found its way into your application.
DexProtector continues to work perfectly alongside frameworks and application libraries. And its tamper-proofing tech means that bad actors are unable to modify your apps and libraries.
If you have a valid license for DexProtector 8, 9, 10, or 11, and an active support subscription, you can receive this upgrade at no additional cost. If your support subscription has been inactive for a month or more, please purchase a new license.
If you’d like to upgrade from the Standard version to the Enterprise version, please request a quote.
Finally, to renew your support subscription, please contact us.
To get the latest version, please request a link to the latest distribution package or send us an email.