Just started working on a mobile security package aka RASP for React Native that will protect your application and monitor its security, effectively securing your app from attack attempts and covering the OWASP Resiliency against reverse engineering requirements.

It will be able to detect reverse engineering, debugger, simulator, repackaging or cloning attempts, running the app in an unsafe OS environment (e.g. root or jailbreak), hooking frameworks and installing the application through unofficial stores. It also comes with weekly reports about the security state of your application.

Such SDK package for other platforms (Android, iOS, Flutter, Cordova) is already available on GitHub (https://github.com/talsec/Free-RASP-Community). So I plan to catch up with React Native support.

The freeRASP for React Native will be available on GitHub and later also as an npm package, providing an interface to configure the freeRASP. It will be lightweight and easy to integrate.

You will configure Android and iOS apps via a config object. Then, set up a threat listener for setting your actions when a threat is detected.

Would you benefit from using such a package? There will be freemium and commercial versions. See this link for the difference between these versions.

Let us know if there is anything specific you would like to see in the implementation. Our goal is to create a tool that is easy to use and satisfies all developer’s needs for app security and mobile OWASP compliance.

Your feedback will be highly appreciated.