obfuscator

If you are going to the Software Security Summit stop by PreEmptive's booth and attend our talk: TITLE: Binary protection: alignment with IT Governance, IP policies and effective risk management

The role of source code protection is well-understood in the context of IP management and security. Assuming that a reasonable set of controls are in place as a function of an effective IT governance program, most organizations are under the impression that they are managing risks associated with the loss of intellectual property, loss of revenue due to piracy, malicious attacks on operations and, by extension, reputation.

However, the richness and flexibility of modern runtime platforms such as Java and .NET have the side effect of simplifying the reconstruction of source code via access to associated binaries. As a result, organizations must either extend source code controls to their executables or establish an alternate set of compensating controls to mitigate these risks. Typically, it is not practical to manage executables in the same fashion as source due to the obvious difference in use. Therefore, an alternate strategy is required to provide a reliable mitigation of risk. Program obfuscation offers one such strategy. This session will discuss the different types of obfuscation technologies available, some of the issues that arise when using an obfuscator, and steps you can take to make obfuscation a seamless part of a secure development cycle.