As mobile apps continue as the dominant channel, organizations must rethink their security defenses to deal with the emerging threat of malicious mobile bots. Traditional Web Application Firewall (WAF) anti-bot solutions are incapable of protecting threats that exploit mobile apps or the mobile channel, leaving a gaping hole in most brands’ security defenses as mobile traffic often goes uninspected for malicious bot activity.
Appdome MobileBOT™ Defense fills this gap with the industry’s only anti-bot solution built from the ground up for mobile. Moreover, the portability of Appdome’s anti-bot solution enables it to be used with any WAF, including multi-vendor WAF environments, allowing mobile brands to save millions of dollars by extending the life of existing WAF infrastructures and avoiding fork-lift upgrades to achieve comprehensive mobile anti-bot defense. Appdome MobileBOT™ Defense offers comprehensive anti-bot protection for mobile apps with no dev work, coding, SDKs, servers, or network upgrades required.
In addition, Appdome provides real-time visibility of malicious bot attacks in ThreatScope Mobile XDR that allows mobile brands to measure, track, investigate, report, and respond to threats and attacks across production mobile apps, providing SOC-class visibility into mobile bot attacks and threats with full drill-down analytics on attacks against specific apps, devices, OSs, releases, and more.
Appdome MobileBOT™ Defense Differentiators
Appdome MobileBOT™ Defense has several unique capabilities to protect APIs, provide visibility, and reduce work for mobile app development teams:
1. Multi-layered App Fingerprinting
Fingerprinting refers to the methods used by an anti-bot solution to distinguish good connection requests/traffic/apps from malicious bots. Appdome uses multiple fingerprinting techniques to identify bots, each of which complements and informs one another to arrive at a highly accurate reading when it comes to determining good traffic from bad, resulting in negligible false positives/negatives.
2. Session Headers
Appdome’s session headers carry a multitude of identifying information that is passed in the payload and used for fingerprinting, including timestamps, a nonce, device state, and an Appdome-ID that can be used for attestation, to determine whether there is any suspicious activity or malicious element in, or interacting with, the app, session or device. All of this data is packaged in a secure encrypted session and signed with an RSA payload signing key. This guarantees not only a tamper-proof payload but also enhances the WAF’s ability to thwart session replay attacks. This structure gives the WAF insight into the security status of the device running the protected app, with the ability to drill down on the threat data and metadata passed in the encrypted payload. This equips the WAF with all the intelligence it needs to effectively detect and block malicious bots.
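As an added illustration (not Appdome’s code or payload format), the Go sketch below shows the pattern this section describes: the app signs a header carrying a timestamp, nonce and device state with an RSA key, and the WAF side verifies the signature, enforces a freshness window and rejects a nonce it has already accepted, which is what defeats replay. The field names, the RSA-PSS padding choice and the one-minute window are assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"time"
)
// SessionHeader is a constructed stand-in for the signed anti-bot payload the page
// describes (timestamp, nonce, device state); the field names are assumptions.
type SessionHeader struct {
	Timestamp   int64  `json:"ts"`
	Nonce       string `json:"nonce"`
	DeviceState string `json:"device_state"`
}
// Sign serialises the header and signs its SHA-256 digest with RSA-PSS (app side).
func Sign(h SessionHeader, key *rsa.PrivateKey) (body, sig []byte, err error) {
	body, _ = json.Marshal(h) // cannot fail: only scalar fields
	d := sha256.Sum256(body)
	sig, err = rsa.SignPSS(rand.Reader, key, crypto.SHA256, d[:], nil)
	return body, sig, err
}
// Verifier models the WAF side: signature check, freshness window, nonce replay cache.
type Verifier struct {
	Pub     *rsa.PublicKey
	MaxSkew time.Duration
	Seen    map[string]bool // accepted nonces; a real WAF would expire them after MaxSkew
}
// Verify returns the header only if it is authentic, fresh and not a replay.
func (v *Verifier) Verify(body, sig []byte, now time.Time) (SessionHeader, error) {
	var h SessionHeader
	if d := sha256.Sum256(body); rsa.VerifyPSS(v.Pub, crypto.SHA256, d[:], sig, nil) != nil {
		return h, errors.New("signature invalid: tampered or not from the protected app")
	}
	if err := json.Unmarshal(body, &h); err != nil {
		return h, err
	}
	if age := now.Sub(time.Unix(h.Timestamp, 0)); age > v.MaxSkew || age < -v.MaxSkew {
		return h, errors.New("timestamp outside freshness window")
	}
	if v.Seen[h.Nonce] {
		return h, errors.New("nonce already accepted: replay")
	}
	v.Seen[h.Nonce] = true
	return h, nil
}
```

The signature check runs before the body is parsed, so a tampered or forged payload is dropped without the WAF ever trusting its contents.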
3. mTLS Pre-Authentication
Appdome’s mTLS Pre-Authentication can be used as an additional, optional fingerprinting method: a P12 client certificate is presented in the TLS handshake before the Anti-Bot payload is sent to the WAF. Mutual TLS (mTLS) is a method for mutual authentication in which both parties in a network connection validate the SSL certificates presented by each other against a trusted root Certificate Authority (CA) certificate. mTLS is a quick and easy way to distinguish good mobile app requests from bad.
4. Real-Time Threat Intelligence
Appdome brings the power of its 160+ runtime and dynamic protections to the job of detecting and stopping mobile bot threats and attacks. We package our threat data inside our industry-leading attack intelligence and control framework, called Threat-Events™, and deliver it in the most comprehensive anti-bot payload to any industry-standard WAF, including cloud, hosted, managed and on-premise WAF implementations from all major WAF vendors. This enriched payload information can be passed to any WAF for parsing, thus upgrading the WAF’s intelligence capabilities so that it understands the full session risk (including all application, device and connection/network-based threat vectors).
5. Complete Mobile Risk
Additionally, MobileBOT™ Defense now offers real-time visibility of bot attacks from ThreatScope Mobile XDR. The new bot detection and analytics service allows mobile brands to measure, track, investigate, report, and respond to threats and attacks across the WAF infrastructure, providing SOC-class visibility into mobile bot attacks and threats with full drill-down analytics on attacks against specific apps, devices, connections, OSs, releases, and more, all without a separate analytics package, SDK or device agent.
6. Standard & Advanced Mobile Anti-Bot Policies
Appdome’s standard anti-bot protection policy includes an always-on mobile anti-bot threat detection profile with ThreatIDs for jailbreak, rooting, Magisk, Zygisk, jailbreak detection bypass, Frida toolkits, emulator/simulator detection and more. There’s also an optional on-device bot detection policy that protects against automated programs interacting with the mobile app, such as auto-tapping, auto-clickers, memory editing, keystroke injection and more.
Advanced Bot Detection Intelligence allows payloads to include the Mobile Threat-ID™, detailed threat description, Threat-Score™, attack geolocation, and metadata such as DeviceID and more than two dozen other variables for drill-down analysis.
7. End-To-End Hardening
Appdome protects all data-in-transit with pre-packaged and optional features like Secure Certificate Pinning to the WAF, TLS Session hardening, active MiTM Defense, mTLS pre-authentication, as well as WAF encryption for the Session Header Payload. To eliminate spoofing, signal tampering, session hijacking and replay attacks, Appdome encrypts sensitive data-at-rest as well as all Anti-Bot configurations, secrets, keys, IDs, etc., and provides a protected memory space for all Anti-Bot functions. And of course, customers also have access to all of Appdome’s static and dynamic protections, including code obfuscation, encrypted strings, preferences, resources, anti-tampering, anti-reversing and much more, ensuring a fully hardened implementation that cannot be tampered with or bypassed.
8. Hassle-Free Implementation & Operation
Using Appdome’s automated mobile defense platform allows organizations to build robust mobile bot detection and protection capabilities directly into Android and iOS applications without requiring servers, agents, SDKs or code changes. Moreover, Appdome enables cross-functional teams to build anti-bot defenses directly into apps with a full audit trail of every build and a way to manage, operationalize, and version control security releases on an ongoing basis.
9. Full WAF Portability and Compatibility
Appdome MobileBOT™ Defense is compatible with all industry-standard WAFs that organizations typically use to inspect connection requests, allowing threat and attack information to be sent in an encrypted payload for the WAF to use in its enforcement decisions. This includes a multi-layered fingerprinting approach that’s easy on compute resources for all protected hosts, including client-side rate limiting for connection requests, mTLS pre-authentication and optional phased payload delivery to inspect connection requests as you go and preserve compute resources on the WAF and other resources used for parsing and inspecting the anti-bot payload.
10. Universal Compatibility With All Dev Frameworks and Languages
Appdome’s MobileBOT™ Defense offers full support for all mobile programming languages and dev frameworks (native and non-native), including Obj-C, C+, Java, JS, C#, C++, Swift, Kotlin, Flutter, React Native, Unity, Maui, Xamarin, Cordova and more. This allows anyone to seamlessly implement Appdome protections and solutions into any iOS or Android app with no code, no SDK, no agents, no servers, and fully automated implementation and delivery, all from inside existing mobile DevOps pipelines.
Conclusion
In conclusion, Appdome’s MobileBOT™ Defense stands out with its multi-layered app fingerprinting, session headers, mTLS pre-authentication, and real-time threat intelligence, offering a comprehensive solution against mobile bot threats. With hassle-free implementation, end-to-end hardening, and full WAF portability, it ensures robust protection without the need for servers or code changes. Appdome’s universal compatibility with all dev frameworks and languages, coupled with integrated threat intelligence, empowers organizations to swiftly implement new protections against evolving threats, leading to significant cost savings and operational efficiency. And to add icing on the cake, Appdome doesn’t require dev or engineering resources or effort, it works with all existing dev workflows and DevOps tools, and it offers full portability to any WAF, allowing significant cost savings in both capex and opex. Finally, integrated threat intelligence gives organizations visibility into real-time threats and attacks against production apps coupled with a click-to-build system that allows them to implement new protections into mobile apps immediately as threats are discovered.
Want to learn more about how to use Appdome MobileBOT™ Defense to protect backend APIs against malicious bots? Click the button below to get a free 20-minute demo.