Social Media
Privately / Publicly Owned
Private
Employees
11-50
Challenges
Solutions
This emerging social media company was founded in the mid-2010s with the goal to provide a healthier alternative to other mainstream social media platforms. The founders were troubled by the addictive algorithms employed by most social media platforms. These algorithms have resulted in a system that favors content with “shock-value” such as hate speech, divisive opinions, and misinformation as they tend to generate more engagements (e.g., likes, comments, shares) - which is good for business. Unfortunately, these mechanisms have also been correlated with increased anxiety, depression and sleep problems amongst their users.
The founders wanted to change this by providing a truer-to-life socializing experience for its users. By eliminating algorithms, they let their users choose how content is consumed on the platform, allowing for more organic engagements within the community. They aim to protect their users’ privacy by getting rid of advertisement and data-mining activities, aligning their business with users’ needs and preferences. This ‘customer-first’ approach has helped them maintain a low churn rate by evolving their platform in accordance to what their users value. They have grown their user base by over 3000% from 2018 to 2023.
“We wanted to build a healthy social media platform that allows people to not only interact, but also collaborate with each other - just like you do in real-life communities. From the start, we decided to put our users ahead of our profit. We believe that users will continue using our platform as long as it adds value to the community.”
– CTO, Emerging social media platform
Prior to working with Guardsquare, the social media company managed their platform security themselves, using a mix of in-house and open-source solutions. At the start, they focused on developing and refining the functionality of the Android and iOS apps, and app security was an afterthought. This soon changed following the fallout of the Facebook-Cambridge Analytics scandal, where Facebook was accused of improperly harvesting the personal data of >87 million users. This led to an influx of new users on the platform as concerned Facebook users looked for a more transparent social media platform. Unfortunately, some users always have more malicious intentions, which is always a danger to the community's health.
”When we detected hundreds of bot attacks on our platform, we realized that we needed to improve our security posture immediately. They hijacked our content discovery feature to spread misinformation and highly controversial content, to artificially manipulate their account engagement level. This is detrimental to the platform’s health as the engagement level enables them to commit different kinds of fraud”
— CTO, Emerging social media platform
With their apps insufficiently protected and vulnerable to reverse engineering and tampering, attackers were able to execute orchestrated bot attacks to commit fraud, using a variety of static and dynamic attack techniques (e.g., hooking, API attack). This malicious activity undermined the community’s health and the company's business. The company immediately realized the need for putting security as one of their top priorities and started a search for a partner to help protect and monitor their iOS and Android apps.
Guardsquare was recommended by a trusted partner in the financial service industry for its good reputation and the advanced protection the products offer. The company found DexGuard and iXGuard's advanced code hardening and RASP to be exactly what they needed to prevent malicious users from being able to decompile, modify, repackage and launch bot attacks on their platform.
"We wanted to protect our apps just like banks protect theirs. We needed a market-proven partner who provides advanced security solutions and in-depth technical expertise to help us navigate through the ever-evolving threat landscape,” said CTO of social media platform.
The security team also decided to implement Guardsquare's real-time threat monitoring solution to complement their data monitoring stack. By enriching their data intelligence with ThreatCast data, they can make more informed and timely product and security decisions. Additionally, they also opted for Guardsquare's Gold-tier support to accelerate their onboarding process and receive project-specific guidance.
By implementing the hook detection, jailbreak and root detection, emulator detection and API call hiding features in DexGuard and iXGuard, they were able to completely prevent attackers from executing bot-attacks on their platform. By layering these runtime protection with code obfuscation features (e.g., name, string encryption, control flow, data transformations) their Android and iOS apps are well fortified, as each individual protection technique reinforces each other. Additionally, Guardsquare's polymorphic protection approach resets the clock for the attackers, making it extremely difficult for them to break into the app.
"Once our apps were fully protected with DexGuard and iXGuard, we no longer saw successful bot attack attempts on our platform. ThreatCast has helped us to stay on top of the different kinds of threats our apps are facing. The breadth and depth of real-time data ThreatCast collects is impressive. We can now pinpoint users with suspicious activities along with their device and location information to take the necessary measures whenever required. "
— CTO, Emerging social media platform
ThreatCast has helped the company stay ahead of the attackers by providing valuable real-time insights into how apps were being attacked, enabling them to promptly ban malicious accounts and fine tune their protection configurations in the subsequent release. With a plan to introduce paid subscription into the platform in the near future, the company is fully confident that attackers would not be able to bypass their paywall and get premium features for free. Next, the company looks forward to incorporating Guardsquare's free mobile app scanning tool, AppSweep, into their application development lifecycle.
"We are really happy with the products and support we received from Guardsquare. I can now sleep better at night knowing that our apps are well protected" continued the CTO of emerging social media platform.
Guardsquare offers the most complete approach to mobile application security on the market. Built on the open source ProGuard® technology, Guardsquare’s software integrates seamlessly across the development cycle. From app security testing to code hardening to real-time visibility into the threat landscape, Guardsquare solutions provide enhanced mobile application security from early in the development process through publication.
More than 900 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications against reverse engineering and tampering.
The creators of ProGuard® | www.guardsquare.com