Articles on: Use of the Products

Monitor (Runtime application self-protection)

What types of threats does Monitor detect?



Monitor detects multiple types of security threats, including:

Reverse engineering attempts (debuggers, memory dumping, hooking)
Tampering & unauthorized modifications (patching, memory manipulation)
Malware & cheat tools (Frida, Xposed, GameGuardian)
Environment risks (rooted/jailbroken devices, emulators, sandboxes)
Network threats (traffic sniffing, man-in-the-middle attacks)
Unauthorized device usage (cloned devices, unauthorized environments)

How does Monitor analyze and identify security risks?



Monitor works as a RASP (Runtime Application Self-Protection) solution, continuously analyzing your application in real time. It detects anomalies by:
✔ Monitoring code integrity and runtime modifications
✔ Checking device security status (root, emulation, tampering)
✔ Identifying malicious behavior (memory injection, unauthorized debugging)
✔ Logging and analyzing security events via the ByteHide dashboard

Can I receive real-time alerts for security threats?



Yes! Monitor provides real-time alerts through:

Email notifications for critical threats
Dashboard alerts for detected incidents
Custom webhook integrations for SIEM/SOC tools
Automated actions (e.g., terminate app, wipe data, lock access)

🔔 You can configure alerts based on specific security policies and severity levels.

How do I configure security policies in Monitor?



You can customize Monitor’s security policies in the ByteHide dashboard:

Go to "Monitor" in the dashboard.
Navigate to by the workflows tab.
Select which threats you want to detect (debuggers, root, tampering, etc.).
Choose the reaction (alert, block, terminate app, delete data).
Save your configuration and deploy it to your applications.

✅ Monitor allows full customization to match your security needs.

What actions does Monitor take when a threat is detected?



Monitor provides automated threat responses, including:

Logging & reporting security incidents
Sending real-time alerts to admins/developers
Blocking unauthorized access to the app
Force-closing the application
Wiping app data to prevent further attacks
Blocking the device permanently from using the app

🔥 You can configure custom actions based on the severity of the detected threat.

How do I integrate Monitor with my existing security tools?



Monitor integrates with existing security tools via:

API access for fetching security logs and events
Webhook support for SIEM and SOC platforms
Integration with Shield & Secrets for enhanced protection
Custom event logging for forensic analysis

Can I customize the security rules applied by Monitor?



Yes! Monitor allows full customization of security rules:

Choose which threats to detect (root, hooking, tampering, etc.)
Define custom response actions (alerts, app termination, data wiping)
Adjust security sensitivity based on your risk tolerance
Create environment-specific rules for different app versions

Updated on: 05/03/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!