Security & Responsible Disclosure

At Promon, we are committed to maintaining the highest standards of security for our products and for the applications protected by them. We value responsible security research and appreciate the efforts of those who help us identify potential vulnerabilities. We aim to work collaboratively, transparently, and efficiently to assess and address reported issues.

Reporting a Security Issue
If you believe you have identified a security vulnerability related to Promon products or a Promon-protected application, please report it to:
security@promon.io

To enable effective assessment, reports must include sufficient detail for us to understand, reproduce, and validate the issue.

Required information
Please include:

· A clear description of the issue and affected component(s)

· Step-by-step instructions to reproduce the finding

· Supporting evidence (e.g. logs, screenshots, proof-of-concept code)

· Details of the test environment and configuration

· An assessment of the potential impact


Reports that do not provide enough detail to enable reproduction and validation cannot be assessed and will not be progressed.

Scope and Assessment
Promon provides security protections for applications. Our assessment focuses on the effectiveness of these protections under realistic deployment conditions and configurations.

Where findings are influenced by:

· application implementation,

· configuration choices, or

· external dependencies,

we will work with the reporting party and relevant stakeholders to determine the appropriate context and impact.


Coordinated Disclosure
We follow a coordinated vulnerability disclosure approach:

· Vulnerabilities must be reported to Promon privately and in full before any public disclosure

· We will investigate and respond in a timely manner

· We will work with stakeholders to agree on an appropriate disclosure timeline


We ask that reporters do not disclose vulnerabilities publicly until:

· the issue has been validated and addressed, or

· a coordinated disclosure timeline has been agreed


Good Faith Research
We support security research conducted in good faith. We ask that you:

· Act responsibly and avoid harm to users, data, or services

· Do not access, modify, or exfiltrate data beyond what is necessary to demonstrate the issue

· Do not exploit vulnerabilities beyond proof-of-concept

· Do not make demands for payment or other conditions tied to disclosure


Our Commitment
When you report a vulnerability to Promon, we will:

· Acknowledge receipt of your report

· Assess and validate the findings objectively

· Communicate clearly throughout the process

· Provide transparency on impact and remediation


Contact
For all security-related inquiries, please contact:
security@promon.io