Proxy and VPN Detection

Proxy and VPN detection aims to identify whether the application's network traffic is being intercepted, redirected or monitored through proxies, VPNs or communication interception tools. This type of technique is frequently used in Man-in-the-Middle (MITM) attacks, in which a malicious actor seeks to capture, analyze or modify communications between the application and its backend servers.

In mobile environments, the improper use of proxies or VPNs can allow inspection of requests and responses, tampering with data in transit and attempts to bypass security mechanisms, compromising the confidentiality, integrity and authenticity of the information transmitted by the application.

Technical Mechanism: MAD performs continuous checks on the device's connectivity environment to identify signs that the application's traffic is being routed through manually configured proxies or VPNs. Based on this analysis, the solution detects attempts to intercept or monitor network traffic and sends the detected event to the Command Center.

<proxyDetection> 
    <enabled>true</enabled> 
</proxyDetection>