🚀Features and Pricing Plans
Talsec's Multi-Layered App and API Protection Model
L0 - Detect Attacks: Check app security state with freeRASP & Talsec Portal insights
L1 - Protect App: Pass pentests, combat reverse engineering, and comply with regulations with RASP+ and AppHardening (Secret Vault, Dynamic TLS Pinning)
L2 - Protect Transactions: Combat API abuse, bots, web-scraping and MiTM with AppiCrypt
L3 - Protect Users: Combat social engineering, phishing, malware with Device Risk Scoring and Malware Detection
Talsec offers enhanced features and benefits with our RASP+ plans, building on top of our freeRASP offering. Here’s what you can expect:
No limitations of freeRASP's Fair Usage Policy: Have an unrestricted number of app downloads* (beyond the 100k cap of freeRASP).
No Data Collection to Talsec Database: Your app's data is sent to your data collection services. You can even disable data collection.
FinTech Grade Security: Experience advanced security features and service-level agreements (SLAs) tailored for the financial technology sector.
Bypass Protection: RASP+ offers enhanced security with app-specific SDK customisation, while freeRASP uses a universal binary that is more susceptible to bypass.
Enhanced API Protection: Safeguard your APIs and benefit from risk scoring with our proprietary technology, AppiCrypt®.
For further details, please refer to the next page.
AppiCrypt®
One of the most valued commercial features is AppiCrypt® - App Integrity Cryptogram.
It allows easy-to-implement API protection and App Integrity verification on the backend to prevent API abuse:
Bruteforce attacks
Botnets
API abuse by App impersonation
Session-hijacking
DDoS
It is a unified solution that works across all mobile platforms without dependency on external web services (i.e., without extra latency, an additional point of failure, and maintenance costs).
Learn more about commercial features at talsec.app.
You can try freeRASP and then upgrade easily to an enterprise service.
Plans Comparison
freeRASP is freemium software, i.e. there is a Fair Usage Policy (FUP) that imposes some limitations on free usage.
Get your price for premium products.
Runtime App Self Protection (RASP, app shielding)
freeRASP is a free, easy-to-integrate runtime threat detection solution for small businesses and projects, supporting up to 100,000 device downloads. It helps you quickly grasp the main features, experiment, and try integrating Talsec SDKs. While it is a good threat detection tool, freeRASP’s limited resilience against bypasses and limited telemetry data collection make it unsuitable for commercial use in production, especially in regulated or privacy-sensitive domains.
RASP+ delivers banking-grade security designed for professional, regulated, or high-risk apps needing maximum hardening. Its customizable SDKs include advanced threat prevention like AppiCrypt for API and Transaction Integrity protection. RASP+ is built to pass rigorous penetration tests, ensuring real-time detection and mitigation of attacks. With strict privacy (no data sent to Talsec), it guarantees compliance and robust defense.
Advanced root/jailbreak protections (including Magisk)
basic
advanced
Runtime reverse engineering controls
Debugger
Emulator / Simulator
Hooking and reversing frameworks (e.g. Frida, Magisk, XPosed, Cydia Substrate and more)
basic
advanced
Runtime integrity controls
Tampering protection
Repackaging / Cloning protection
Device binding protection
Unofficial store detection
Multi-instance detection
basic
advanced
Device OS security status check
HW security module control
Screen lock control
Google Play Services enabled/disabled
Last security patch update
System VPN control
Developer mode control
ADB enabled detection
yes
yes
Screen Capture
Screen capture protection
Screenshot detection
Screen recording cetection
yes
yes
UI protection
Overlay protection
Accessibility services misuse protection
no
yes
Penetration Test Ready
can be bypassed by professional
designed to sustain pentesting
Security hardening suite
Secret Vault - Strings Protection (e.g. API keys)
App Data End-to-End Encryption light (E2EE) [coming soon]
no
yes
API protection by mobile client integrity check, online risk scoring, online fraud prevention, client App integrity check. The cryptographic proof of app & device integrity.
no
yes
Security events data collection, Auditing and Monitoring tools
Mandatory threat event data collection and sharing with Talsec
yes (collected to Talsec's DB)
no
Fully customizable and customer-controlled data collection
no
yes
UI portal for Logging, Data analytics, and Auditing
Talsec servers
Customer managed
Support and Maintenance
SLA
not committed
yes
Maintenance updates
not committed
yes
Total app downloads limit
Up to 100k Devices (premium upgrade required for more)
100k+ Devices
Mandatory threat event data collection and sharing with Talsec
yes
no
For additional comparison details and information on planned features, please see the next page.
Last updated