The In-app protection market refers to security solutions implemented within the application (instead of the network or the operating system, for example) to make the application more resistant to attacks such as malicious data exfiltration, intrusion, tampering, and reverse engineering. Enterprises use in-app protection to safeguard their software-based assets and to protect their organization and customers from fraudulent attacks.
The mobile AST market is composed of buyers and sellers of products and services that analyze and identify vulnerabilities in applications used with mobile platforms (iOS, Android and Windows 10 Mobile) during or post development. Many variations and flavors of techniques exist, but fundamentally mobile AST solutions test applications in three main ways: (1) SAST: These solutions statically analyze the source, binary or bytecode of an application to identify vulnerabilities. (2) Behavioral testing: Mobile AST solutions use behavioral analysis to observe the behavior of the app during runtime and identify actions that could be exploited by an attacker. (3) DAST: These solutions also use dynamic analysis to test the app in its runtime state. DAST simulates attacks against an application and analyzes the application's reactions, determining whether it is vulnerable.