Threat Detection

Learn how freeRASP detects rooted or jailbroken devices, emulators, hooks, app tampering, and other runtime threats, and how to choose the right in‑app response for your mobile security use case.

freeRASP performs several security checks to detect potential threats during runtime, each targeting specific attack vectors. Developers and business owners can determine the appropriate response to these incidents, whether by terminating the application, alerting the user, logging the incident details, or choosing to ignore it.

For a detailed explanation of each security check and guidance on selecting an appropriate response, please refer to the individual threat descriptions in the subsections. Remember, the ideal response will depend on your application's specific security needs and use cases.

Sections

Detecting rooted or jailbroken devices
Emulator detection
Hook detection
App tampering detection
Debugger detection
Detecting unofficial installation
Device binding detection
Missing obfuscation detection [Android devices only]
Secure Hardware detection (Keystore/Keychain secure storage check)
Passcode
System VPN detection
Developer Mode detection [Android devices only]
ADB enabled detection [Android devices only]
Screen Capture (Screenshot and screen recording detection, block screenshot capture)
Multi-instance detection [Android devices only]

PreviousCallback Delay, Telemetry Impact, and Threat Scanning Completion Status NextDetecting rooted or jailbroken devices

Last updated 1 month ago

hashtagSections

Sections