RuntimeGuard SDK
A hardened, drop-in library focused on advanced jailbreak, debugger, and tampered runtime detection.
View pricing



























iOS Security · Audits & Runtime Defense
iOS security audits, penetration testing, and Swift runtime-defense SDKs for fintech, wallets, health, and credential-class apps where a breach is a regulator event.
Static binary review, dynamic runtime analysis, full Swift/Objective-C codebase audits, and signed Swift frameworks for jailbreak, debugger, and tamper detection.
$ sentinel scan --target MyApp.app/MyApp → resolving Mach-O · arm64 · iOS 17.4 [ scan ] 4 segments · 22 sections · 312 imports ✓ DYLD image graph clean (62/62 verified) ✓ ptrace + sysctl: PT_DENY_ATTACH armed ! DYLD_INSERT_LIBRARIES env present (FridaGadget.dylib) ✗ Frida fingerprint detected: 3 matches @ 0x10027c000 → writing report → audit-2026-05-07.json complete · 7 findings · 1 critical · 35ms
Sandbox license for any SDK. No credit card. Full Indie-tier capabilities.
Start the sandboxPer-SDK and bundle pricing across Indie / Professional / Enterprise. Stripe-hosted.
See pricingLimited slots for teams willing to ship feedback in exchange for steep first-year pricing.
Apply for a pilotThreat modeling, full codebase reviews, MASVS evidence packages, or unlimited-bundle deals.
Contact us30+
jailbreak primitives detected
checkra1n · palera1n · Dopamine · rootless
<2ms
cold-path overhead
measured on iPhone 12 mini
0
PII collected, ever
fully on-device evaluation
0
third-party dependencies
pure Swift, signed .xcframework
Built for teams shipping iOS to
01 · Consulting
Four engagement shapes covering everything from a fast binary triage to multi-week threat-modeling for production-critical apps.
Tier 1 · 5–7 days
A comprehensive review of your application binary. We identify exposed API keys, plaintext secrets in Info.plist, and basic cryptographic misconfigurations before they hit production.
Request this auditTier 2 · 2–3 weeks
Advanced dynamic analysis identifying weaknesses in jailbreak defenses, debugger detection, and network traffic interception vulnerabilities across the execution lifecycle.
Request this auditTier 3 · 3–6 weeks
A complete structural audit of your Swift or Objective-C source code to ensure compliance, secure data handling, and robust intellectual property protection.
Request this auditTier 4 · scoped
Proactive defense design for new features or complete refactors. We map trust boundaries and design zero-knowledge, hardware-backed storage policies using the Secure Enclave before a single line of code is written.
Request this auditTier 5 · 1–3 weeks
Map your app to OWASP MASVS Level 1 or Level 2 control identifiers, then produce an auditor-ready evidence package. Supports SOC 2, PCI-DSS, HIPAA, and regulated-industry vendor reviews; each finding cites the MASVS control it satisfies or violates.
Request this auditTier 6 · monthly
An ongoing engagement, not a one-off scan. Pre-submission review of each App Store release, dependency-drift watch with advisory triage, quarterly threat-model refresh, and one engineering office hour per month. For teams shipping every two weeks.
Request this audit02 · Developer Security Suite
Twelve hardened Swift libraries you can integrate in an afternoon. Pick one, deploy the full suite for layered defense, or grab a curated bundle pack below for the most common defense pairings.
The portfolio expanded from 7 to 12 SDKs in 2026 because three engineering shifts happened simultaneously: on-device AI moved out of research and into shipping apps (PresenceKit, IntentKit, AnomalyKit), Apple's Required Reason API enforcement made privacy review a release-blocker for any non-trivial app (ManifestGuard, RedactKit), and behavioral-biometric defense became table-stakes for credential-class iOS apps where Face ID is a one-shot gate (BehaviorGuard's deeper integration with PresenceKit). The 12 SDKs aren't a sprawl, they're four foundational defense primitives plus eight specialists for the surfaces that emerged in the last 18 months.
A hardened, drop-in library focused on advanced jailbreak, debugger, and tampered runtime detection.
View pricingTrue SPKI pinning with multi-pin rotation, payload encryption above TLS, and pinned WebSocket support. Survive the day a corporate proxy gets between your app and your backend.
View pricingSandbox on-device LLM agents on Apple Foundation Models and MLX. Typed tool registry, fail-closed intent verification, network egress policy, hash-chained audit trail.
View pricingTyped Swift wrapper around the Apple Secure Enclave. Compile-time biometric policy selection, CI-grade Enclave residency attestation, mandatory invalidation handlers.
View pricingContinuous behavioral biometrics: ten on-device signals (touch, typing, motion, gait) fused into a four-band adaptive risk score with session degradation and per-transaction step-up.
View pricingSecure-input framework for credential-class flows: randomized in-app keyboard, AES-GCM in-process clipboard, BIP-39 mnemonic handling, composite jailbreak / debugger / swizzle detection.
View pricingScreen capture / screen recording / screenshot protection with HMAC-signed forensic watermarks. Compliance presets for HIPAA, PCI-DSS, GDPR, FINRA. OCR-based leak attribution verifier.
View pricingNPU-pinned continuous presence verification. Multi-modal fusion across motion, vision, and audio with Bayesian inverse-variance weighting. App Attest hook on Pro. Pairs with BehaviorGuard.
View pricingOffline SLM intent engine. Natural-language to typed Swift tool calls, on-device, no cloud round-trip. INT4 quantization with KV-cache budget, JSON-schema-coerced output. Pairs with AgenticGuard.
View pricingOn-device anomaly detection across four modalities (telemetry, behavioral, acoustic, sensor). INT4 models, Ed25519-signed artifacts, CloudKit E2EE-sealed state sync. Pairs with RuntimeGuard.
View pricingDebug-only PrivacyInfo.xcprivacy auditor. Five Obj-C swizzles plus four opt-in C-function rebinders; compiles to NoOp in Release so App Store ships zero swizzling. Bundled with manifest generator + differ.
View pricingOn-device PII redaction across three modalities (visual, audio, text). Vision face + text-region, on-device speech-PII, composite text-PII over 8+ categories. Pluggable RedactionPolicy. Pairs with ScreenGuard.
View pricingExplore the full Developer Security Suite
03 · Bundle packs
Five curated bundles for teams that already know exactly which threat class they're hardening against. Each pack is one annual subscription covering all included SDKs at the same tier; Bundle IDs are shared.
Foundational
RuntimeGuard + PayloadGuard + AgenticGuard + EnclaveVault
For: any iOS app where runtime defense + network defense + agent guardrails + Secure-Enclave keys are all in scope. Defense in depth for the four attack surfaces every iOS app exposes: hostile runtime, hostile network, hostile agent tools, and unprotected secrets. The four-SDK foundation every hardened app stack starts from.
Indie $1,299 · Pro $4,999 · Enterprise custom
View SuiteNew
BehaviorGuard + PresenceKit
For: fintech, healthcare, and regulated payments apps where continuous "is the right human still holding the device" verification is a security requirement. Touch-rhythm anomaly detection paired with NPU-backed continuous presence verification.
Indie $799 · Pro $3,199 · Enterprise custom
View packNew
AgenticGuard + IntentKit + RuntimeGuard
For: iOS apps shipping LLM-agent features where prompt-injection defense, offline intent classification, and runtime integrity all matter together. Verify the intent, sandbox the tool, defend the runtime. The three-layer floor every iOS LLM-agent app should have before any tool call fires.
Indie $1,099 · Pro $4,399 · Enterprise custom
View packNew
ScreenGuard + RedactKit + ManifestGuard + EnclaveVault
For: iOS apps facing an App Store privacy review (PrivacyInfo.xcprivacy, on-device PII redaction, capture protection, Secure-Enclave key residency). Ship a clean App Store privacy review. The four-piece toolkit for screen-capture controls, on-device PII redaction, automated PrivacyInfo.xcprivacy generation, and Secure-Enclave-backed storage.
Indie $1,499 · Pro $5,999 · Enterprise custom
View packNew
AnomalyKit + RuntimeGuard + BehaviorGuard
For: iOS apps where statistical, behavioral, and acoustic tamper signals need to be fused into one risk picture (high-stakes consumer fintech, threat-aware health apps). Three layers of tamper detection. Statistical anomalies, hard-edge runtime indicators, and behavioral baseline drift, fused with a hysteretic policy.
Indie $1,199 · Pro $4,799 · Enterprise custom
View packCompare all bundles side by side
04 · Desktop tooling
A native macOS application that brings static binary analysis, Frida-orchestrated runtime instrumentation, and structured reporting into one signed workspace. The tool an iOS security audit is run with, now available to the teams whose apps it audits.
Free during beta · until Dec 31, 2026
One workspace for static binary review, Frida-based runtime instrumentation, and CI-ingestible reporting. Notarized macOS app, hardened runtime, no telemetry on your audit subjects.
05 · About
Independent iOS Security Researcher
Over a decade of deep native engineering experience. Sentinel Den bridges the gap between high-level app development and specialized security methodologies, providing actionable, developer-friendly remediation for complex mobile vulnerabilities, without compromising user experience.
Practice areas: Mach-O reverse engineering, runtime instrumentation defense, Secure Enclave architecture, App Attest integration, code-signing pipelines.
Junaid Khan · macOS distribution partner. The Sentinel Den macOS product line, including SentinelDen Studio, is signed under Junaid's Apple Developer Program team during this phase of the project. Junaid otherwise builds independent utility apps and games for Apple platforms.
06 · Continuity guarantee
Sentinel Den is a focused operation, not a 1,000-person vendor. That's the honest trade-off: higher engineering attention per dollar in exchange for procurement's legitimate question about what happens if we vanish. Three contractual mitigations are built in, by design.
SDKs don't phone home for runtime authorization. License verification happens once at SDK initialization with a 14-day grace cache. If our API is offline tomorrow, your shipped app continues to function on every device that's previously checked in, long enough to ship a migration, not a hotfix.
Available on the Enterprise tier. The full SDK source is held by an independent third-party escrow agent and released to you on a defined trigger, Sentinel Den ceasing operations, missed support SLA, or acquisition without continuity warranty. You maintain integration-critical code indefinitely.
Every detection and defense pattern our SDKs implement is documented in detail on our engineering blog, 39 posts and counting. If you ever have to rebuild, you start with a written field guide on how to do it. We wrote it.
Need the escrow-agreement template, or a written brief on how the grace-cache mechanism handles specific failure scenarios? Request via the contact form.
07 · Engineering writing
Technical deep-dives on the problems we built Sentinel Den's SDKs to solve. All posts.
10 min read
RuntimeGuard boots first. Then EnclaveVault, then PayloadGuard, then AgenticGuard. Why order matters, what each SDK depends on from the previous one.
Related: RuntimeGuard SDK10 min read
What it actually means when 4 SDKs share a Bundle ID quota. License-startup overhead, audit-chain coordination, and the per-SDK XXXLicensing pattern.
Related: RuntimeGuard SDK10 min read
Why these four SDKs were the original Suite. The defense-in-depth rationale, what each layer catches that the others miss, and the integration order.
Related: RuntimeGuard SDKProcurement & compliance
Everything a vendor-review team typically asks for is on one of these pages. Anything not here is on request via the contact form.
Security posture & SLA
HTTPS / HSTS / CSP, vulnerability disclosure, incident response, response SLA by tier.
Threat models per SDK
Adversary assumptions, defensive posture, and the limits each SDK deliberately stops at.
Continuity guarantee
If we disappear, your apps don't. Escrow templates and key-person continuity terms.
EULA & commercial terms
License agreement, refund policy, liability scope. MSA, DPA, and CAIQ on request via contact.
Security questionnaire
Pre-filled SIG-Lite / CAIQ on request. Vendor onboarding paperwork answered in 1 business day.
Public benchmarks
Cold-start, latency p50 / p95, memory, energy, inference quality across all 12 SDKs.
Common questions from engineering and security teams evaluating an iOS audit. For anything not covered here, use the contact form.
An audit examines what an attacker would: your shipped binary (Mach-O headers, embedded strings, exposed API keys, plaintext secrets), your runtime defenses (jailbreak detection, debugger detection, anti-tampering), your network layer (TLS pinning, certificate validation, MITM resistance), and your data-at-rest posture (Keychain ACLs, Secure Enclave usage, file protection classes). Deliverables are a written report with remediation guidance, severity-ranked findings, and reproduction steps for every issue.
A Tier 1 Static Architecture Scan typically completes in 5–7 business days. A Tier 2 Deep Dive & Runtime Analysis runs 2–3 weeks depending on app complexity. A Tier 3 Full Codebase Review scales with codebase size, with typical engagements running 3 to 6 weeks. Tier 4 threat modeling is scoped per project, and Tier 5 MASVS compliance evidence packages run 1–3 weeks. Tier 6 is a recurring monthly retainer. Submit the contact form with your app's binary size and feature scope for a precise estimate.
Yes. An NDA is mandatory and signed before any source code, binary, or architectural diagram is shared. Mutual NDAs are reviewed within one business day. Enterprise engagements are governed by a Master Service Agreement (MSA) covering confidentiality, IP ownership, liability, and source code handling.
A written PDF report with an executive summary, full findings (each with severity, exploitation walkthrough, and remediation), an inventory of every check performed, and a 30-day follow-up window for clarification questions. Findings are tracked through to closure: when you patch an issue, we re-validate at no additional cost within the engagement window.
Yes. Most clients pair a Tier 2 (Deep Dive) or Tier 3 (Full Codebase) audit with a RuntimeGuard SDK Professional or Enterprise license. The audit identifies which detection signals matter most for your threat model, and the SDK provides them in production. A combined engagement gets a 15% discount on the SDK license. Contact us via the form for a quote.
The practice is iOS-first. Engagements involving an iOS frontend with a server-side or Android counterpart are accepted on a case-by-case basis. We partner with vetted Android and backend security specialists when the scope warrants it.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。