Emphasizing the significance of left-shifting in app security, Build38 secures €13 million for its trust development kit.
Enterprise security’s weakest link is often identified as applications. The advent of cloud computing and the rise of hybrid work setups have cultivated an environment where applications stand as prime targets for cyber attackers. According to research, a significant 42% of organizations have encountered security incidents tied to unpatched mobile applications or devices.
Nevertheless, an increasing number of providers are stepping forward to bolster the defenses of applications against modern threat actors. One such player in this arena is Build38, a mobile security and application monitoring provider. Today, they have announced a successful €13 million funding raise as part of a Series A funding round, with Tikehau Capital leading the investment.
One of Build38’s key offerings, the Trusted Application Kit (TAK), is a software development kit crafted to seamlessly integrate with Android and iOS applications during their development phase. Its primary purpose is to incorporate threat detection capabilities directly into the application.
This funding announcement underscores the importance of shifting security practices to the early stages of development and integrating in-app protections. This strategic approach holds the potential to significantly diminish the likelihood of threat actors exploiting vulnerabilities in end-user devices, particularly at the network’s edge.
Security by design is the way forward
Build38’s announcement arrives at a time when cloud adoption is on the rise, and organizations are increasingly grappling with the reality of security threats. These threats not only target endpoints at the network’s perimeter but also extend to users’ personal mobile devices, especially in remote working setups.
“In this era of cloud computing, organizations are now acutely aware of and susceptible to attacks and threats that can originate from virtually anywhere,” remarked Christian Schläger, the CEO of Build38. “Whether you are a car manufacturer in China, a traditional commercial bank in Ghana, or a fintech company in the UK, all enterprises face similar threats from adversaries who exploit the fact that the concept of a ‘perimeter’ for infiltrating an organization’s network no longer stops where the service provider decides.”
He further explained, “Attackers can now easily reach individual users right in the palm of their hands, simply by downloading an app from an app store.”
Build38’s in-app protection employs artificial intelligence to detect any alterations, reverse engineering, or code manipulation within the app. This capability serves as a valuable complement to the security measures already offered by platforms like Google Play and the App Store.
Additionally, TAK possesses the capability to generate events and transmit data to an external Security Information and Event Management (SIEM) system when an app exhibits suspicious behavior. This empowers security teams to promptly identify potential breach attempts.
The mobile security market
Build38 operates within the mobile security market, a sector that was valued at $3.3 billion in 2020 and is anticipated to soar to $22.1 billion by 2030, reflecting a robust compound annual growth rate (CAGR) of 21.1%.
In this competitive landscape, one of Build38’s prominent rivals is Zimperium, a mobile endpoint and application security provider that was acquired by Liberty Strategic Capital for $525 million last year. Zimperium’s tool offers real-time threat visibility, security measures, and compliance scanning capabilities. It excels in detecting hacker intrusion attempts on applications and seamlessly integrates with external UEM and XDR platforms.
Another notable contender is AppDome, which specializes in safeguarding Android and iOS applications through runtime protection, anti-debugging features, and anti-tampering mechanisms.
What sets Build38 apart from its competitors, as Schläger emphasizes, is its unique approach. Build38 combines a client-based solution that empowers apps to be self-defending with a backend component that enables real-time threat monitoring and mitigation. This comprehensive solution also provides detailed threat reporting for organizations, equipping their teams to proactively combat security threats.