How to Use Appdome ThreatID™ In Mobile Bot Defense

What is an Appdome Threat ID?

Appdome Threat IDs are unique digit codes, an essential part of the Appdome Mobile Bot defense, responsible for identifying a myriad of mobile security threats. Each threat vector detected by the system is assigned a specific Threat ID, which is then communicated to a Web Application Firewall (WAF) or other security gateways. This process allows these security platforms to interpret the nature of the threat based on the Threat ID, informing whether to block, log, or permit the incoming request. With each threat vector assigned a specific Threat ID, security teams can quickly identify and understand the nature of the threat without the need for extensive analysis.

Why are Appdome Threat IDs Important?

The importance of Appdome Threat IDs becomes evident when considering real-world applications. Consider a scenario where Appdome’s Mobile Bot defense is operating on a mobile device and uncovers that the device is rooted. In such a case, Appdome reacts by invalidating the session secret, marking it ‘At Risk,’ and issues a unique digit code, the Threat ID, specifically pointing to the ‘rooted device’ threat vector. This process alerts the security gateways, like the Web Application Firewall (WAF), providing the precise Threat ID for a rooted device scenario. Equipped with this specific information, the WAF or a corresponding server interprets the Threat ID and makes an informed decision.

Moreover, users can input these Threat IDs into Appdome’s Remediation Center, giving them a platform to understand the threats better and decide on the suitable countermeasures. This level of detailed, real-time communication and analysis is what makes Threat IDs indispensable in maintaining a secure mobile application environment, safeguarding against intricate threat vectors efficiently.

Prerequisites to Using Appdome ThreatID™:

To use Appdome’s ThreatID™ , you’ll need:

• Appdome account (create a free Appdome account here)
• A license for Mobile Bot Defense
• Mobile App (.ipa for iOS, or .apk or .aab for Android)
• Signing Credentials (see Signing Secure Android apps and Signing Secure iOS apps)

Note: The “Appdome ThreatID” is integrated within the “Session Headers” feature. For your convenience, there’s no need to construct separate fusion sets—simply build one comprehensive set for “Session Headers” to include the Appdome ThreatID™ functionality.

How to use Appdome ThreatID™

On Appdome, follow these 3 simple steps to create self-defending Mobile Apps that create Appdome ThreatID™ without an SDK or gateway:

1. Upload the Mobile App to Appdome
   • Upload an app to Appdome’s Mobile App Security Build System
   • Upload Method: Appdome Console or DEV-API
   • Mobile App Formats: .ipa For iOS device or .apk or .aab
   • Appdome ThreatID™: Obj-C, Java, JS, C#, C++, Swift, Kotlin, Flutter, React Native, Unity, Maui, Xamarin, and more
2.  Build the feature: Session Headers
   • Build Session Headers using Appdome’s DEV-API:
   • Create and name the Fusion Set (security template) that will contain the Session Headers feature as shown below:
     
     Figure 1: Fusion Set that will contain the Session Headers feature
     Note: Naming the Fusion Set to correspond to the protection(s) selected is for illustration purposes only (not required).
   • Follow the steps in Section, Building the Session Headers feature via Appdome Console, to add the Appdome ThreatID feature to this Fusion Set.
   • Open the Fusion Set Detail Summary by clicking the “…” symbol on the far-right corner of the Fusion Set, as shown in Figure 1 above, and get the Fusion Set ID from the Fusion Set Detail Summary (as shown below)
     
     Figure 2: Fusion Set Detail Summary
     
     Note: Annotating the Fusion Set to identify the protection(s) selected is optional (not mandatory).
     
   • Follow the instructions below to use the Fusion Set ID inside any standard mobile DevOps or CI/CD toolkit, such as Bitrise, App Center, Jenkins, Travis, Team City, Circle CI, or other systems.
   • Build an API for the app – for instructions, see the tasks under Appdome API Reference Guide
   • Look for sample APIs in Appdome’s GitHub Repository.

Building the Session Headers feature via Appdome Console

1. To build the Session Headers protection using Appdome Console, follow the instructions below:
2. Where: Inside the Appdome Console, go to Build > Anti Bot Tab > MobileBOT™ Defense section
3. How: Toggle (turn ON) Session Headers, as shown below.
   
   Figure 3: Validate Session Headers
   When you select Session Headers, you’ll notice that the Fusion Set you created now bears the icon of the protection category that contains Session Headers
   Figure 4: Fusion Set that displays the newly added Session Headers protection
4. Click Build My App at the bottom of the Build Workflow (shown in Figure 3).
5. Certify the Session Headers feature in Mobile Apps.

After building Session Headers, Appdome generates a Certified Secure™ certificate to guarantee that the Session Headers protection has been added and is protecting the app. To verify that the Session Headers protection has been added to the mobile app, locate the protection in the Certified Secure™ certificate as shown below:

Figure 5: Certified Secure™ certificate

Each Certified Secure™ certificate provides DevOps and DevSecOps organizations with the entire workflow summary, audit trail of each build, and proof of protection that Session Headers have been added to each Mobile app. Certified Secure provides instant and in-line DevSecOps compliance certification that Session Headers and other mobile app security features are in each build of the mobile app.
Using Appdome, there are no development or coding prerequisites to build secured Mobile Apps using Session Headers. There is no SDK and no library to code or implement in the app and no gateway to deploy in your network. All protections are built into each app and the resulting app is self-defending and self-protecting.

Releasing and Publishing Mobile Apps with Session Headers

After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include:

• Customizing, Configuring & Branding Secure Mobile Apps
• Deploying/Publishing Secure mobile apps to Public or Private app stores
• Releasing Secured Android & iOS Apps built on Appdome.