Appdome unveils DefenceOS for unified mobile app defence

Appdome has introduced DefenceOS, a new operating layer embedded in Appdome-protected iOS and Android apps that manages how multiple in-app protection components run alongside the host application.

It is positioned as an execution environment for mobile security, anti-fraud, anti-bot and API protection functions. DefenceOS is designed to reduce clashes between protections that can slow apps, cause instability or complicate releases as mobile teams add controls.

Mobile businesses have increased their use of in-app checks as apps become a key channel for payments, identity verification and customer engagement. That shift has raised the cost of outages and performance issues, and increased scrutiny of anything that disrupts sign-in, onboarding and checkout flows.

Execution layer

DefenceOS runs inside the application process, governing how Appdome's protection plug-ins execute and share resources such as CPU, memory and network activity. Appdome says the layer includes a secure control plane, independent schedulers, task management and memory allocation functions.

The platform assembles DefenceOS during the build process for each app. When the protected app launches, the layer coordinates protection policies and controls at runtime. Appdome says it adapts scheduling and workload management as the app runs.

"When mobile brands use Appdome to secure mobile apps, they are getting application code too," said Tom Tovar, co-creator and CEO of Appdome. "Over the past 10 years, we've built a modular and dynamic control plane that orchestrates and manages how all defenses interact with each other, the app, operating systems, and the devices that run the secured app."

SDK friction

Many mobile security and fraud controls come as software development kits that developers integrate into their apps. These SDKs often require manual initialization and ongoing tuning, and can introduce competing runtimes and thread pools inside a single application. That raises the risk of regressions and crashes, especially when teams stack tools from multiple vendors.

Appdome argues that a governed execution model reduces the need for developers to write "glue code" between the app and protection modules. It also says the approach lowers the chance of protections colliding during lifecycle transitions such as backgrounding and resuming.

"The goal of DefenceOS has always been to do more for the developer," said Avi Yehuda, co-creator and CTO of Appdome. "Today, mobile brands must combine RASP, anti-fraud, identity, and API protections into one build. Providing a secure control plane that can dynamically optimize workflows, memory allocations, thread use, and more for all defense functions in an app is unique to Appdome and critical to the continued growth of the mobile economy."

Scaling protections

Appdome says the average number of its defense plug-ins per application has risen to more than 125. Some customers also run protections from other vendors in the same app. In that context, DefenceOS has been separated out as a dedicated workload manager for both Appdome and third-party defense functions.

Appdome says the layer includes segmented initialization, private scheduling for defense timing and prioritization, and a dedicated memory domain to reduce fragmentation and unpredictable heap growth. Other functions include resource-aware workload governance across CPU, RAM and network usage, secure inter-process communication, and runtime health supervision.

Appdome claims that treating protections as managed workloads rather than isolated feature calls reduces the risk of issues such as application-not-responding events and watchdog terminations. It also says the model can extend to third-party SDKs, including biometrics and identity verification tools.

"Mobile applications are constantly changing, combining new features and increasing defenses over time," said Yotam Keshet, VP of engineering at Appdome. "By separating the execution fabric and workload governor for defense functions, we can ensure the mobile experience remains what brands expect it to be across the largest array of mobile apps, frameworks, devices, and OS combinations."

Operational control

DefenceOS handles thread pools, lifecycle sequencing and policy orchestration on behalf of developers. It also manages policy transitions and supervises in-app defenses while the app runs. Appdome describes this as a way to preserve responsiveness amid changes in network conditions, device performance and operating system behavior.

Appdome linked the announcement to its longer-term product direction, noting that it has used the underlying technology in production deployments for years. It is now describing it as a distinct layer that provides operational telemetry across large-scale deployments.

"We're revealing DefenceOS because it's the critical workhorse and operational context for the Agentic future," said Tovar. "DefenceOS gives Appdome data from trillions of multi-defense coordination, policy race conditions, and operational telemetry learned from real deployments, context that is critical to the autonomous defense of a growing mobile economy."

DefenceOS is included by default in builds produced on the Appdome platform. Appdome says customers can see DefenceOS modules listed in its Certified Secure DevSecOps attestation generated during app builds.