When you hear about the impacts of not protecting your application, you most often think of the financial loss.
It’s no wonder though: the average cost of vulnerabilities is about $13 million dollars, spread across fines, the cost of remediation, and the cost of preventing data leakage. It’s not even factoring in the cost of damage to a company’s reputation after a breach, where customers might not want to continue using the company’s services out of mistrust, according to John Brawner, director of support at the application security company PreEmptive.
Related Webinar: Protecting your Spring Boot applications from recent critical vulnerabilities
But there’s another big loss to consider: intellectual property (IP) loss. When IP is lost, it can mean competitors are now able to copy, steal, or leverage your IP in their own applications.
A recent example of this is when American Superconductor, which produces clean energy solutions, lost its IP to one of its customers, Sinovel. Sinovel refused a shipment of components and refused to pay the millions of dollars it owed for them. Eventually it came out that the reason for this was that Sinovel has obtained the source code for American Superconductor’s electronic components and installed a pirated version on their wind turbines.
According to Brawner, reverse engineering can be a significant issue for companies, and hackers could gain access to and expose functionality.
One way to prevent that is by obfuscating code, Brawner explained. Obfuscation involves modifying the executable file of a code so that the code is still functional, but hackers cannot make use of it.
It prevents IP loss by concealing the framework and structure of your application, keeping it hidden from corporate spying and protecting it from your competitors.