Monitor (Runtime application self-protection)

What types of threats does Monitor detect?

Monitor detects multiple types of security threats, including:

✔ Reverse engineering attempts (debuggers, memory dumping, hooking)
✔ Tampering & unauthorized modifications (patching, memory manipulation)
✔ Malware & cheat tools (Frida, Xposed, GameGuardian)
✔ Environment risks (rooted/jailbroken devices, emulators, sandboxes)
✔ Network threats (traffic sniffing, man-in-the-middle attacks)
✔ Unauthorized device usage (cloned devices, unauthorized environments)

How does Monitor analyze and identify security risks?

Monitor works as a RASP (Runtime Application Self-Protection) solution, continuously analyzing your application in real time. It detects anomalies by:
✔ Monitoring code integrity and runtime modifications
✔ Checking device security status (root, emulation, tampering)
✔ Identifying malicious behavior (memory injection, unauthorized debugging)
✔ Logging and analyzing security events via the ByteHide dashboard

Can I receive real-time alerts for security threats?

Yes! Monitor provides real-time alerts through:

✔ Email notifications for critical threats
✔ Dashboard alerts for detected incidents
✔ Custom webhook integrations for SIEM/SOC tools
✔ Automated actions (e.g., terminate app, wipe data, lock access)

🔔 You can configure alerts based on specific security policies and severity levels.

How do I configure security policies in Monitor?

You can customize Monitor’s security policies in the ByteHide dashboard:

Go to "Monitor" in the dashboard.
Navigate to by the workflows tab.
Select which threats you want to detect (debuggers, root, tampering, etc.).
Choose the reaction (alert, block, terminate app, delete data).
Save your configuration and deploy it to your applications.

✅ Monitor allows full customization to match your security needs.

What actions does Monitor take when a threat is detected?

Monitor provides automated threat responses, including:

✔ Logging & reporting security incidents
✔ Sending real-time alerts to admins/developers
✔ Blocking unauthorized access to the app
✔ Force-closing the application
✔ Wiping app data to prevent further attacks
✔ Blocking the device permanently from using the app

🔥 You can configure custom actions based on the severity of the detected threat.

How do I integrate Monitor with my existing security tools?

Monitor integrates with existing security tools via:

✔ API access for fetching security logs and events
✔ Webhook support for SIEM and SOC platforms
✔ Integration with Shield & Secrets for enhanced protection
✔ Custom event logging for forensic analysis

Can I customize the security rules applied by Monitor?

Yes! Monitor allows full customization of security rules:

✔ Choose which threats to detect (root, hooking, tampering, etc.)
✔ Define custom response actions (alerts, app termination, data wiping)
✔ Adjust security sensitivity based on your risk tolerance
✔ Create environment-specific rules for different app versions

Updated on: 05/03/2025