Glossary
action
A guard’s response after performing its check for tampering. A tamper action occurs when tampering is detected. A non-tamper action can also occur if no tampering is detected.
active guard
Guards that automatically respond to threats with countermeasures when malicious activity is detected, for example by crashing the app or repairing attacked code.
App Aware
An integrated Digital.ai monitoring service that provides visibility into the security posture of protected applications.
application (app)
A software program designed to run on a web browser, mobile device, or desktop computer.
ARM
Advanced RISC Machine. A popular, embedded CPU architecture, used commonly in mobile phones. For Digital.ai products, ARM specifically refers to binaries compiled for the ARM64 architecture.
attack
Any form of malicious activity aimed at a software program, including reverse engineering, debugging, code tampering, data theft, malware insertion, cheating, or piracy. Also known as tampering.
auto config
A basic level of protection that allows you to quickly and automatically protect apps without manually configuring any options.
bitcode
A low-level intermediate representation used by the LLVM compiler infrastructure for platform-independent code optimization.
blueprint
A JSON file used to tell Digital.ai Application Security how to execute protection. Also known as a protection blueprint.
build
The process of converting source code files into executable code.
bytecode
An intermediate language that is executed by a runtime program, or “virtual machine”.
callback
Executable code that is passed as an argument to other code, which is expected to execute (call back) the code represented by the argument at some appropriate time.
checksum
A value created by calculating the binary values in a block of data using an algorithm. The checksum value is stored, and later a new value is computed and compared with the original.
circular guarding
A guard directly or indirectly protecting itself.
code
A set of human-readable instructions and data that are used to create a computer program or mobile application. Also called source code.
code analysis
The act of examining a program to figure out how it works and identify faults or vulnerabilities.
code lifting
Using code that is not yours for your own purposes.
compiler
A computer program that translates source code into assembly or machine code.
control flow
The order in which a software program’s instructions are executed.
decryption
The restoration of encrypted code to its original state.
disassembler
A software tool that converts machine language into assembly language.
dynamic analysis
Examining a program while it is running, typically by using a debugger, emulator, or simulator.
dynamic guard
Guards that behave in the same way as active guards, but allow you to update some options while the protected app is running without requiring you to totally reprotect and redistribute the app.
emulator
A program that is designed to behave like a different type of computer system or device. Also known as a simulator.
encryption
The reversible transformation of data from its original state to a form that is unreadable by machine or human.
entry point
The first instruction to be executed in a software program or module.
event
Runtime guard activity that is recorded and reported by App Aware.
finalization
The process of completing and finalizing a software program, system, or application, ensuring it's ready for launch, implementation, or delivery.
function
A block of code that is designed to perform a specific task and can be referenced from anywhere in your app.
guard
A unit of code that performs a protective function or supports other guards.
guard network
A set of guards that work together to perform a protective function.
hash
A cryptographic operation that generates a fixed-length string from a variable-length string.
hooking
A range of techniques used to change the behavior of an app by intercepting and redirecting function calls to an attacker's malicious code.
image
An executable or shared library that has been loaded into memory.
integrity check
A protection technique used to detect changes to source code by comparing the current code state to a previously recorded state.
invocation location
A location in a protected application at which a guard is invoked.
invocation range
A range in which a guard is invoked.
MASVS
Mobile Application Security Verification Standard, an OWASP standard for mobile app security. For more information, see OWASP MASVS.
minification
A technique used to simplify code by removing all whitespace from the output, discarding its layout formatting.
obfuscation
The process of transforming code to make it difficult to understand and analyze.
OWASP
The Open Worldwide Application Security Project, a nonprofit organization dedicated to improving software security. For more information, see OWASP.
protection engine
The component of Digital.ai Application Security that takes a blueprint as input, executes the commands in the blueprint against a compiled program or app, inserts guard code and other instructions into the binary, and generates the protected program.
reverse engineering
The process of analyzing a program to identify its components and their interrelationships.
runtime
The time during which a protected app is being executed, or runs, on a device.
seed
The starting value used by a pseudo-random number generator. Used by Digital.ai Application Protection to vary protected output.
sniffer
Software or hardware that examines network traffic, both routinely and to detect bottlenecks and other problems.
static analysis
Examining a program without running it, typically by using a disassembler.
static guard
Guards that modify and obfuscate JavaScript, HTML5, and other source code elements to make it more difficult for attackers to understand, analyze, and reverse engineer.
tampering
Unauthorized modification of a software program to change the program’s functionality or exploit the program.
tamper resistance
Hardening a program to make a successful attack so costly or time-consuming that it is impractical.
target platform
The operating system or device on which the protected app runs.
threat
Any event that could have an adverse effect on a program.
transpiling
The process of translating code from one programming language to another.
white-box cryptography
Encryption and decryption techniques designed to protect secret keys even when the attacker has full access to the implementation.