Jailbreak Detection

Jailbreak detection is one of the most critical protection layers in the iOS ecosystem. Jailbreaking removes or weakens the operating system's native sandboxing mechanisms, allowing privilege escalation, expanded access to the file system, and the installation of advanced application manipulation and analysis tools. This scenario directly compromises the integrity of the application and the confidentiality of the data processed.

In the context of Runtime Application Self-Protection (RASP), Jailbreak detection is essential to prevent the application from running in environments with compromised security, where reverse engineering, instrumentation, code injection, and data extraction techniques can be applied more easily.

Technical Mechanism: The MAD Jailbreak Detection module for iOS adopts a multivector approach, designed to deal with different types and evolutions of Jailbreak. The solution performs a combination of independent checks in the runtime environment, assessing signs of sandbox violation, operating system modifications, and behaviors incompatible with legitimately operating iOS devices. Correlating these indicators enables resilient identification of compromised devices, even in the face of concealment or evasion attempts, triggering the configured mitigation policies when risk is confirmed.

<key>anti-jailbreak</key>
    <true>