As Alex suggests, the Device Security API and bundle/db encryption are available, and provide very good protection.
One bit of information leakage is that the NAMES of encrypted bundle files are still seen (with an `.encrypted` extension on the end), as well as size of files, and so examining the bundle might offer some clues to an attacker - size of attack surface (e.g. number of files, size of files), the names might reveal something about internal organization.
One mitigation would be naming files with random strings. This might be done in some pre-processing step.
In fact, on my projects I always use a pre-processing script for the purpose of building different similar products (such as "white box branding", but also with different functionality) and process almost every file through Mustache, and have a means to override files for a particular product.
So, this gives me an idea to rename files to random meaningless strings. For debug versions, the renaming can be skipped.
Otherwise, I fell the Tau Platform offers much greater security than is easily achievable with pure native apps or other hybrid platforms, by just changing a few settings - e.g. encrypt bundle files, encrypt database, implement check for device jailbreak, installation from alternate store, etc.