How to Compare Fusion Set API

Last updated January 31, 2024 by Appdome

Overview

Over time, the security needs and strategies of an app evolve. Comparing two fusion sets allows developers to track changes and enhancements made to the security policies across different versions of the same app. This is particularly crucial for ensuring that new updates incorporate all necessary security improvements and that no critical elements are compromised or overlooked. Such comparisons help in maintaining a robust and up-to-date security posture for the app.

To better understand how the compare fusion set API works, we have included two fusion set policy examples titled “Test Fusion Set 1” and “Test Fusion Set 2”, both set up for an Android application.

Prerequisites for using the Compare Fusion Set API

To use Appdome’s Compare Fusion Set API , you’ll need:

Get Started: How to Compare Fusion Sets

The Fusion Sets list allows viewing at a glance multiple details about each of the Fusion Sets.

IMPORTANT: Please refer to the Appdome API documentation Compare Fusion Set API in order to create your request.

To view details about a specific Fusion Set:

  1. Select the requested Fusion Set by clicking the check box on the left.
  2. Click the Details button on the right.
    Fusion Set Details
  3. Copy the original fusion set ID
  4. Copy the compare fusion set ID
    Copy Fusion Set Id
    To view details about Appdome’s API Token
  5. Go to Appdome settings > Account and API
  6. Copy your Appdome’s Build2Secure API Token
     Appdome’s Build2Secure API Token
  7. Input the request.
    Input Compare Fusion Set Api Request

Original Fusion Set 1


originalFs: {
   "id": "69eb3b30-xxxx-xxxx-xxxx-bb3f9e9d8zzz",
   "name": "Test Fusion Set 1",
   "platform": "android",
   "creation_time": "2022-04-29, 07:31:41 UTC",
   "updated_by": "John Doe",
   "policy": [
     {
       "name": "Appdome Mobile Security Suite",
       "children": [
         {
           "name": "TOTALData™ Encryption",
           "children": [
             {
               "name": "Data at Rest Encryption",
               "children": [
                 {
                   "name": "Exclude the Following Files",
                   "value": [
                     "*.jpg",
                     "*.png",
                     "*.jpeg"
                   ]
                 },
                 {
                   "name": "Exclude Media Files (.mp3...)"
                 }
               ]
             },
             {
               "name": "Encrypt In-App Preferences"
             },
             {
               "name": "Encrypt Strings"
             },
             {
               "name": "Encrypt Resources"
             },
             {
               "name": "XMLEncrypt™"
             },
             {
               "name": "Dex File Encryption",
               "children": [
                 {
                   "name": "Favor Loading Time"
                 }
               ]
             }
           ]
         },
         {
           "name": "OS Integrity",
           "children": [
             {
               "name": "Root Detection"
             },
             {
               "name": "Detect Unknown Sources"
             }
           ]
         },
         {
           "name": "TOTALCode™ Obfuscation",
           "children": [
             {
               "name": "Binary Code Obfuscation",
               "children": [
                 {
                   "name": "Favor App’s Size"
                 }
               ]
             },
             {
               "name": "Dex Relocation",
               "children": [
                 {
                   "name": "Favor Loading Time"
                 }
               ]
             },
             {
               "name": "Non-Native Code Obfuscation"
             },
             {
               "name": "Strip Debug Information"
             }
           ]
         }
       ]
     },
     {
       "name": "ANTI_FRAUD",
       "children": [
         {
           "name": "Mobile Malware Prevention",
           "children": [
             {
               "name": "Block Magisk",
               "children": [
                 {
                   "name": "Block Magisk Hide"
                 }
               ]
             },
             {
               "name": "Block Frida"
             }
           ]
         },
         {
           "name": "Mobile Cheat Prevention",
           "children": [
             {
               "name": "Block Memory Editing Tools"
             },
             {
               "name": "Prevent Code Injection"
             }
           ]
         }
       ]
     }
   ]
 },


 Fusion Set 2


compareFs: {
   "id": "a72dd9b0-xxxx-xxxx-xxxx-61616a38czzz",
   "name": "Test Fusion Set 2",
   "platform": "android",
   "creation_time": "2022-04-10, 08:03:06 UTC",
   "last_modify": "2022-04-10, 08:03:09 UTC",
   "updated_by": "John Doe",
   "policy": [
     {
       "name": "Appdome Mobile Security Suite",
       "children": [
         {
           "name": "TOTALData™ Encryption",
           "children": [
             {
               "name": "Data at Rest Encryption",
               "children": [
                 {
                   "name": "Exclude the Following Files",
                   "value": [
                     "*XXCCCDB*"
                   ]
                 }
               ]
             },
             {
               "name": "Encrypt In-App Preferences"
             },
             {
               "name": "Encrypt Resources"
             },
             {
               "name": "Dex File Encryption",
               "children": [
                 {
                   "name": "Favor Loading Time"
                 }
               ]
             }
           ]
         },
         {
           "name": "OS Integrity",
           "children": [
             {
               "name": "Root Detection"
             }
           ]
         },
         {
           "name": "Secure Communication",
           "children": [
             {
               "name": "MitM Prevention"
             },
             {
               "name": "Secure Certificate Pinning",
               "children": [
                 {
                   "name": "Hosts to certificate Mapping",
                   "children": [
                     [
                       {
                         "name": "Pinning Scheme",
                         "value": "Chain Evaluation"
                       },
                       {
                         "name": "Service Domain",
                         "value": "prod.app.com"
                       },
                       {
                         "name": "Certificates",
                         "value": "prod-feb2024.zip"
                       }
                     ]
                   ]
                 }
               ]
             }
           ]
         },
         {
           "name": "TOTALCode™ Obfuscation",
           "children": [
             {
               "name": "Binary Code Obfuscation",
               "children": [
                 {
                   "name": "Favor App’s Size"
                 }
               ]
             },
             {
               "name": "Non-Native Code Obfuscation"
             }
           ]
         }
       ]
     },
     {
       "name": "ANTI_FRAUD",
       "children": [
         {
           "name": "Mobile Malware Prevention",
           "children": [
             {
               "name": "Block Frida"
             }
           ]
         }
       ]
     }
   ]
 }
}

Compare Fusion Set 1 & 2

Each of these key values represent specific attributes and differences within two distinct sets of fusion policies for Android applications. These key values play a crucial role in defining the security and operational parameters of each policy set. Here’s an explanation of the key values and what they represent:

1. *status*: Indicates the overall comparison status between the two fusion sets. In this case, “not equal” suggests that there are differences between the two sets.

2. *diff*: Represents the differences between the two fusion sets. It breaks down the disparities in the configurations and settings of each policy within the sets.

3. *policy*: This key is a collection of individual security features that make up each fusion set. Each security feature is further detailed with specific attributes and settings.

4. *name*: Refers to the name of the feature. For example, “Appdome Mobile Security Suite” or “TOTALData™ Encryption”.

5. *children*: This is a nested key that indicates sub-features or configurations under a particular policy. It signifies a hierarchical structure where certain sub-features are categorized under broader main features.

6. *value*: This key holds the actual settings or the state of a particular feature or policy. It can be a boolean (true/false), a string (like a file path or domain name), or a list of values. These values represent the specific configurations of the policy.

7. *original* and *compare*: These keys are used under the “value” key to show the setting in the original fusion set and the comparison fusion set, respectively.

8. *originalFs* and **compareFs*: These keys represent the complete information about the original fusion set and the comparison fusion set, including their unique identifiers, names, creation times, and their full policy configurations.


status: "not equal",
  "diff": {
    "policy": [
      {
        "name": "Appdome Mobile Security Suite",
        "children": [
          {
            "name": "TOTALData™ Encryption",
            "children": [
              {
                "name": "Data at Rest Encryption",
                "children": [
                  {
                    "name": "Exclude the Following Files",
                    "value": {
                      "original": [
                        null,
                        "*.jpg",
                        "*.png",
                        "*.jpeg"
                      ],
                      "compare": [
                        "*XXCCCDB*"
                      ]
                    }
                  },
                  {
                    "name": "Exclude Media Files (.mp3...)",
                    "value": {
                      "original": true,
                      "compare": false
                    }
                  }
                ]
              },
              {
                "name": "Encrypt Strings",
                "value": {
                  "original": true,
                  "compare": false
                }
              },
              {
                "name": "XMLEncrypt™",
                "value": {
                  "original": true,
                  "compare": false
                }
              }
            ]
          },
          {
            "name": "OS Integrity",
            "children": [
              {
                "name": "Detect Unknown Sources",
                "value": {
                  "original": true,
                  "compare": false
                }
              }
            ]
          },
          {
            "name": "Secure Communication",
            "value": {
              "original": false,
              "compare": true
            },
            "children": [
              {
                "name": "MitM Prevention",
                "value": {
                  "original": false,
                  "compare": true
                }
              },
              {
                "name": "Secure Certificate Pinning",
                "value": {
                  "original": false,
                  "compare": true
                },
                "children": [
                  {
                    "name": "Hosts to certificate Mapping",
                    "children": [
                      [
                        {
                          "name": "Service Domain",
                          "value": {
                            "original": "staging-app.test.com",
                            "compare": "prod.app.com"
                          }
                        },
                        {
                          "name": "Certificates",
                          "value": {
                            "original": "staging-app.test.com",
                            "compare": "prod-feb2024.zip"
                          }
                        }
                      ]
                    ]
                  }
                ]
              }
            ]
          },
          {
            "name": "TOTALCode™ Obfuscation",
            "children": [
              {
                "name": "Dex Relocation",
                "value": {
                  "original": true,
                  "compare": false
                },
                "children": [
                  {
                    "name": "Favor Loading Time",
                    "value": {
                      "original": true,
                      "compare": false
                    }
                  }
                ]
              },
              {
                "name": "Strip Debug Information",
                "value": {
                  "original": true,
                  "compare": false
                }
              }
            ]
          }
        ]
      },
      {
        "name": "ANTI_FRAUD",
        "children": [
          {
            "name": "Mobile Malware Prevention",
            "children": [
              {
                "name": "Block Magisk",
                "value": {
                  "original": true,
                  "compare": false
                }
              }
            ]
          },
          {
            "name": "Mobile Cheat Prevention",
            "value": {
              "original": true,
              "compare": false
            },
            "children": [
              {
                "name": "Block Memory Editing Tools",
                "value": {
                  "original": true,
                  "compare": false
                }
              },
              {
                "name": "Prevent Code Injection",
                "value": {
                  "original": true,
                  "compare": false
                }
              }
            ]
          }
        ]
      }
    ],
    "common_fields": {}
  },

 

Related Articles:

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.

Appdome

Want a Demo?

Cyber Release Management™

TomWe're here to help
We'll get back to you in 24 hours to schedule your demo.