Application hardening is the process of taking a finished application and making it more resistant to reverse-engineering, tampering, invasive monitoring, and intrusion. Combined with secure coding practices, application hardening is a best practice for companies that want to protect their app’s IP and prevent misuse, cheating, and repackaging by malicious users. It is a key step at the end of any secure software development life cycle process: it ensures that the app runs as designed at runtime and thwarts cybercriminals’ efforts to reverse engineer the app back to source code.
Generally, there are two types of app hardening solutions: passive hardening (a collection of techniques that make the application more resistant to attacks based on static analysis) and active hardening (a collection of techniques that hinder tools like debuggers by detecting their use and changing the application’s behaviour in response). App hardening technology requires only a few minutes for developers to install. Typically, application hardening kits include integration tools to facilitate the process. Similarly, many application hardening packages let application developers integrate their products through a Software Development Kit (SDK) included with the shielding solution. Once secured, the applications are immediately ready for distribution via public or enterprise app stores.
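One active-hardening check of the kind described above, as an added example that is not from the original page or any vendor's kit: on Linux, a process can read the TracerPid field of /proc/self/status to detect an attached debugger and switch to a restricted mode. The function names, the fail-closed policy and the sample status text are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample inputs in /proc/<pid>/status format (not real captures). */
static const char SAMPLE_CLEAN[]  = "Name:\tdemo\nPid:\t4242\nTracerPid:\t0\nUid:\t1000\n";
static const char SAMPLE_TRACED[] = "Name:\tdemo\nPid:\t4242\nTracerPid:\t4100\n";

enum response { RUN_NORMAL, RUN_RESTRICTED };

/* Returns the tracer PID (0 = no tracer attached), or -1 if the field
   is missing or malformed. Only matches the key at the start of a line. */
long parse_tracer_pid(const char *text) {
    static const char key[] = "TracerPid:";
    for (const char *p = text; p && *p; ) {
        if (strncmp(p, key, sizeof key - 1) == 0) {
            const char *val = p + sizeof key - 1;
            val += strspn(val, " \t");            /* skip padding, not newlines */
            if (*val < '0' || *val > '9') return -1;
            return strtol(val, NULL, 10);
        }
        p = strchr(p, '\n');
        if (p) p++;
    }
    return -1;
}

/* Assumed policy: anything other than a clean "0" is treated as hostile,
   including an unreadable status (fail closed). */
enum response decide_response(long tracer_pid) {
    return tracer_pid == 0 ? RUN_NORMAL : RUN_RESTRICTED;
}

/* Reads the live status of the current process. */
long current_tracer_pid(void) {
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_tracer_pid(buf);
}

int main(void) {
    long pid = current_tracer_pid();
    printf("live: TracerPid=%ld -> %s\n", pid,
           decide_response(pid) == RUN_NORMAL ? "normal" : "restricted");
    printf("samples: clean=%ld traced=%ld\n",
           parse_tracer_pid(SAMPLE_CLEAN), parse_tracer_pid(SAMPLE_TRACED));
    return 0;
}
```

A single check like this is easy to patch out of a binary, which is why it is normally combined with the passive techniques that make the check itself hard to locate.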