AI Deepfakes Threaten Biometric Security

Tom Tovar
Co-Creator

Q1. What should enterprise organizations need to know about the rising use of deepfakes among threat groups? What should they be doing to protect themselves and customers against the threat?

In the last three to four months, AI-generated deepfakes have undermined the integrity of biometric authentication, including facial recognition, as the primary means of authenticating consumer and enterprise mobile users. As a result, mobile brands and businesses can no longer trust that facial recognition is a true facial recognition. Mobile brands and businesses need to protect how facial recognition works and secure the process that facial recognition systems rely on to capture, map, transmit, and compare biometric values as well as how applications call these services. Appdome has released the only solution that addresses the problem of deepfakes at the point of infiltration, manipulation, substitution and other attack methods. With Appdome, mobile brands and businesses can reclaim trust and restore integrity to biometric authentication, including facial recognition systems in their apps.

Q2. A recent report identified threat actors as shifting increasingly to a mobile-first attack strategy. Is that something Appdome has observed as well? What's driving it and what are the implications for organizations and mobile device users?

As users continue their steady march towards mobile platforms for commerce, work, news, social media and other activities, Mobile has quickly become the business. It should be no surprise then that criminals—fraudsters, scammers, hackers, etc.—have shifted to mobile as the primary attack vector against brands and businesses. The primary implication for organizations is that the threat doesn't match cyber's priorities, and cyber's "readiness" and "expectations" are at odds with the attack surface. Appdome's recommendation is to allocate more resources to solving the mobile challenge and embrace AI-Native platforms to keep up with the rising AI-Native threat. Without adopting an AI-Native defense strategy, brands and businesses will be left fighting the new threats piecemeal.

Q3. How does Appdome plan on using its presence at Black Hat Asia 2025 to spread awareness of emerging mobile security threats and of the company's approach to helping users address these threats?

As always, Appdome plans to showcase the latest additions to its AI-Native Platform for Mobile Defense. Appdome leverages AI throughout the defense lifecycle to code and build defenses into mobile apps, measure and response automatically to threats in production, and resolve attacks and threats experienced by mobile end users. The newest additions to Appdome's impressive 400+ defense line up include protections against Deepfakes, DeepSeek, ATOs, broader Anti-Bot protection as well as new, groundbreaking, data service call Threat-Dynamics™. Threat Dynamics allows businesses to see how Android & iOS threats move across an organization, get predictive, preemptive defense and benchmark their defense posture against peers in their region, country or industry.

Anthony Ricco
Chief Product Officer

Q1. What is the collaboration between Corellium and Lauterbach about? How exactly is it advancing automotive software development practices?

Our collaboration with Lauterbach is all about bringing leading technologies together. Lauterbach’s TRACE32 is the most widely used debug solution in automotive and Corellium provides the most widely use cloud-native virtual device models. By working together, we have the ability to enable software developers to use the same TRACE32 debug features that they use on a daily basis such as multicore debugging of the individual A, R, and M CPU clusters from Arm as well as hypervisor, OS, and AUTOSAR awarenesses. We enable them to do this development on virtual devices running at silicon speeds with all the flexibility and scalability benefits of running in the cloud. This helps automotive software developers start on their work much earlier and accelerates time to market for key automotive applications. It also enables software developers with the first virtual device that they’ll want to keep using even after physical devices are available.

The ability for Corellium devices to plug directly into cloud development methodologies for DevSecOps and deliver a platform which can be instantly shared worldwide means that our virtual devices offer value not only before silicon but for the entire lifetime of the vehicle. Automobiles today contain 100s of processors and sensors. Autonomous driving, ADAS, advanced infotainment systems, and safety features are constantly adding to auto compute requirements and increasing the need for better software development methodologies. The Corellium Virtual Hardware platform delivers the performance and scalability to meet these requirements.

Q2. What exactly is virtual prototyping? What's driving the need for it?

Virtual prototyping is literally creating a virtual version of a physical device. Prototypes can take many forms of course but our virtual prototypes replicate the functionality of that device in order to enable software development. Since there is no reliance upon a physical device, this development can take place long before the physical device is available to enable software development productivity. Ideally, virtual prototypes also run fast enough and with enough hardware fidelity to continue offering value even after the real device is available. Corellium’s virtual prototypes deliver this speed and fidelity, traditional virtual prototypes do not.

Virtual prototyping is not a new approach. It has been used for decades, to enable software development in advance of silicon. A few things are happening now though which are causing it to be more prevalent: Software is becoming a part of how we interact with almost every device from toasters to TVs to automobiles The Arm processors which are used to power most of the devices around us have become powerful enough to be adopted by all the leading cloud providers Cybersecurity requirements in the EU are dictating that software patches be made available for vehicles for 15 years after the device stops shipping Corellium’s technology virtualizes the behavior of Arm server processors and enables them to represent the behavior of any other Arm processor. This enables the development of virtual devices that run as fast as their physical counterparts while executing the same workloads. The meets the needs of today’s developers and sets the stage for the next level of software innovation.

Q3. What does Corellium plan to showcase at Black Hat Asia 2025? How does the company plan to engage with attendees at the event?

Corellium is excited to return to Black Hat Asia 2025, marking our first appearance since launching our new products—Corellium Viper and Corellium Falcon. At the event, we’ll showcase how these solutions are transforming mobile security testing and research.

Corellium Viper is designed for mobile app security testing (MAST) for iOS and Android. Viper equips your security teams with unprecedented tools for both manual and automated testing, freeing up valuable engineering time and saving money. With the ability to spin up any OS version and hardware model on demand, and with the ability to jailbreak or root any version, Viper helps close the security testing gap in your mobile app development lifecycle. This includes our new automation technology which streamlines security testing by running hundreds of static and dynamic tests in a single click.

Corellium Falcon is designed for organizations performing sophisticated mobile vulnerability and threat research. Corellium’s virtual devices are uniquely designed to run natively on Arm processors, providing the performance and fidelity of a real device with the efficiency, scalability, and control of an emulator. Falcon includes purpose-built tools for root access, filesystem manipulation, process tracing, executing self-signed binaries and scripts, kernel debugging and hooking, and much more.

Corellium Atlas is a virtual hardware platform designed to accelerate software development for the next generation of software-defined vehicles (SDVs). Atlas shatters traditional development barriers, empowering automakers and their ecosystems to build, test, and deploy cutting-edge automotive software with unprecedented speed and efficiency. We’re looking forward to engaging with attendees through hands-on demos, expert-led discussions, and interactive sessions at our booth. Whether you’re a security professional, researcher, or developer, we’re excited to show how Corellium can streamline mobile security workflows, enhance collaboration, and improve testing efficiency.

Byung-Moo Kim
Executive Vice President

Q1. SK Shieldus recently acquired SecureLayer. What factors drove the acquisition? How does it benefit customers of both companies?

We currently serve more than 2,500 customers on our MSS platform. We have been looking for a strategic partner that can improve the service quality whilst adopting new technologies that can provide quicker and more accurate detection and response to our customers. That is why we decided to acquire Seculayer, which is the leading SIEM/ SOAR solution provider in Korea.

The synergy will further scale the service in the region whilst bolting SK shieldus' extensive knowledge and experience through use case management library into Seculayer's solution set. Through this acquisition we have in-sourced 100+ developers, which will improve the speed of response to customers in terms of the overall feature enhancement / service delivery.

Q2. What is your company's partnership with Verizon about? What services are you jointly delivering and how do you see the partnership evolve in future?

We have a wide range of services from security consulting, incident response to MSS services as part of the strategic partnership. That said, the core motive behind the partnership is to achieve the following goals:

• To provide global services to Korean customers where speed to action is critical such as incident response.
• To promote collaboration regarding threat intelligence that can enrich the insight for our customers and
• To create a joint MSS capability for Korean customers where local and global detection and response are key in the light of evolving threat and regulatory landscape.

We believe that the partnership will continue to go strength to strength as we go into the market together.

Q3. What are your company's plans at Black Hat Asia 2025? What do you hope attendees will take away from your company's participation at the event?

At Black Hat Asia 2025, we aim to establish itself as a trusted strategic partner in the ever-evolving cybersecurity landscape while fostering meaningful interactions with global clients.

During this event, we will introduce six tailored strategic security consulting services, including Offensive Security Services and AI-Specialized Security Services. In particular, we will showcase our proactive security strategies, leveraging SK Shieldus' extensive expertise and the latest threat intelligence to provide actionable insights that enterprises can directly implement.

Under the slogan, "Beyond Security, Be Your Trust," we emphasize trust as a core value, demonstrating how SK Shieldus stays ahead of rapidly evolving cybersecurity challenges through its advanced technological capabilities.

Our booth will feature comprehensive informational materials on our services and an interactive AI Jailbreak Challenge, where attendees can experience cybersecurity threats firsthand. Additionally, attendees can participate in one-on-one consultations at the booth, where we offer strategic security consulting tailored to their organization's specific needs.

Through these engagements, participants will gain a firsthand understanding of how SK Shieldus proactively addresses the latest cyber threats while acquiring valuable hands-on experiences and insights.