Protect your Flutter app with DexProtector.
DexProtector's interconnected layers of protection secure Flutter applications just as comprehensively as native apps.
Why Flutter app security is so important.
Flutter is increasingly becoming a go-to framework for developing mobile apps. But this trend allied with Flutter’s relative novelty has made its apps a prime target for attackers. There’s not a lot of in-built protection (or security guidance) for Flutter. But DexProtector works almost exactly the same with Flutter as it does with native apps. So, you can focus on using the framework to provide a great experience for your end users without having to worry about their security.
Solutions for Flutter app security vulnerabilities.
Reverse engineering
The nature of Flutter apps - combining your Dart code with the integrated Flutter engine - can make the task of reverse engineering more difficult for adversaries. But the risk still exists - an attacker simply needs the right experience to succeed.
DexProtector guards against reverse engineering from both static analysis and dynamic instrumentation. It uses code hardening techniques like encryption and obfuscation to stop decompilation and modifying. And its RASP checks detect jailbroken devices, emulators, and hooking frameworks like Frida - all of which can be used at runtime to carry out dynamic instrumentation. If any of these tools are detected by DexProtector, it won’t allow the app to start.
Man-in-the-middle attacks
Since Dart uses standard platform APIs for network connectivity, Flutter apps are no more protected than native apps against man-in-the-middle attacks.
DexProtector uses a combination of SSL Pinning and Certificate Transparency checks to secure communications between your app and remote endpoints. It makes sure that communications from your app end up only at the genuine server - not at a malicious one a bad actor has set up.
Supply chain attacks
Flutter apps tend to get their libraries and dependencies from the pub.dev resource which is a repository of Dart and Flutter packages. The fact that you only need a Google account to publish there means that anyone with bad intentions could upload a malicious package that might later end up in your application.
AppCare is an innovative tool that comes with DexProtector Studio. You can use it to scan your application for existing, known vulnerabilities in libraries and dependencies. That way you can be sure that there’s no rogue code that can cause problems further down the line.
DexProtector is the perfect partner for Flutter apps.
Although a Flutter application's assets may differ from a native app's, DexProtector can protect it just as effectively. Every single aspect of the DexProtection process also applies to your Flutter app.
Save time with instant integration
Seamlessly integrate DexProtector into your development lifecycle. Whether you use DexProtector Studio, integrate into the CI/CD process via the Gradle plugin or the command line, it’s as easy as “unprotected app in, protected app out.”
Protect on premises and avoid online risks
Bypass unnecessary risks associated with cloud-based security solutions. DexProtector operates offline in a safe environment that you control.
Secure your app without slowing it down
DexProtector’s multi-layered protection doesn’t compromise performance. Your app retains its speed and responsiveness, giving you robust security without a lag.
Find out why DexProtector is already trusted to protect Flutter apps.
A guide to mobile application protection
Attacks against mobile apps are getting more dangerous. To defend against them you need to know how and why attackers target them and what you can do to stop them succeeding.
read guide