Introduction to Appsolid
Appsolid is a SaaS that protects Android apps (APK and AAB) against cloning, tampering, and reverse engineering. Upload your app file, and strong code protection along with runtime self-protection (RASP) is applied automatically.
In plain terms — apps ship in a state where anyone can download and "pull them apart." Appsolid attaches a lock (obfuscation and encryption) and a guard (RASP) to your app. The lock seals the contents so they can't be read, and the guard detects and responds when someone tampers behind the scenes.
What makes it different (the one-line differentiator)#
Most protection products detect a threat and then block it (an if-branch) — neutralize that branch (patch it, NOP it out) and the protection is bypassed. Appsolid instead binds the detection result into the decryption key (key entanglement). In a hooked or debugged environment, the key is thrown off, decryption fails, and the original code is never loaded into memory in the first place. There's no branch to turn off, so it can't be turned off. The full mechanism is covered in How It Works · The Difference.
What you get#
| Area | Details |
|---|---|
| Code protection (always applied) | Full-DEX AES-256-GCM encryption + InMemoryDexClassLoader packing (SDK 26 and above; below that, supported via a file + JAR fallback), native bootstrap loader, multi-layer O-MVLL obfuscation |
| Runtime protection RASP (optional) | Root, emulator, hooking (Frida), debugger, ADB, and tamper detection, plus key entanglement |
| String encryption (optional) | Encryption of string literals in the code |
| Monitoring (optional) | Collects threat and access activity in a dashboard (no separate SIEM required) |
Who it's for#
- Business owners and product managers who build apps themselves or commission them
- Small teams with no dedicated security staff
- Organizations running sensitive apps in finance, authentication, payments, gaming, and the like
Non-specialists can apply it in a few clicks, while security personnel can review the technical rationale in How It Works, the Threat Model, and Security Assurance.
The 3-minute summary#
- Upload your app file (APK or AAB).
- Choose your protection options.
- Download the protected app, sign it with your own key, and publish it to the store.
You don't need to run zipalign yourself. Appsolid already applies zipalign (including 16KB page alignment) to the output. After downloading, all you have to do is sign it with your own key — a single line with
apksigner. Signing requires the app owner's private key, so it must always be done by you (why).
What's next#
- What is app protection? — the concept and "why 100% is impossible"
- Getting Started — applying it in practice
- Comparison with competing services — where it differs from other products