IS YOUR MOBILE APP LEAKING SECRETS?

Tue 30 October 2018 By Paulo Silva

Category: API, API Keys, Mobile, Security, Secrets

In Why Exposed API Keys and Sensitive Data are Growing Cause for Concern, Janet Wagner points out that the exposure of sensitive data through code is a growing cause of concern as developers rely...

Read More

STRENGTHEN TLS IN REACT NATIVE THROUGH CERTIFICATE PINNING

Tue 14 August 2018 By Skip Hovsmith

Category: Mobile, Android, API, Security, ReactNative

 

Beginning in July 2018 with the 68 release, Chrome began marking all sites not running HTTPS (TLS over HTTP) as “not secure”. TLS uses site certificates to establish a chain of trust and encrypt...

Read More

USING APPROOV IN YOUR CORDOVA APP THE EASY WAY

Fri 15 June 2018 By Johannes Schneiders

Category: Cordova, Integration

 

Read More

HOW WE INTEGRATED APPROOV WITH CORDOVA

Fri 15 June 2018 By Johannes Schneiders

Category: Integration, Cordova

Read More

REACT NATIVE: BRIDGING AN IOS NATIVE MODULE FOR APP AUTHENTICATION

Wed 09 May 2018 By Skip Hovsmith

Category: Mobile, API, Security, ReactNative, IOS

Photo by Liu Zai Hou on Unsplash

Read More

REACT NATIVE: BRIDGING AN ANDROID NATIVE MODULE FOR APP AUTHENTICATION

Wed 02 May 2018 By Skip Hovsmith

Category: ReactNative, API, Mobile, Android, Security

Photo by NGO TUNG on Unsplash

Read More

A TOUR OF API UNDERPROTECTION

Tue 03 April 2018 By Skip Hovsmith

Category: API Keys, Integration, TLS

AN OWASP APPSEC CALIFORNIA 2018 TALK

The fifth annual OWASP AppSec California was held in late January 2018 on the beach in Santa Monica. AppSec California is organized and run by an all-volunteer...

Read More

API ABUSE IN 2017 (PART 3)

Mon 19 February 2018 By Barry O'Rourke

Category: Business, Threat, Aggregators, CheatingAsAService, Series - API Abuse

Two particularly challenging forms of API abuse are Aggregation and Cheating as a Service. In both these cases your own users are enabling and sometimes funding the individuals and organizations...

Read More

API ABUSE IN 2017 (PART 2)

Tue 13 February 2018 By Barry O'Rourke

Category: Business, Threat, Scrapers, Account Hijack, Fake Account Factories, Series - API Abuse

Our first batch of business level attacks are Data Scrapers and Account Hijack. We also take a look at the lucrative business of Fake Account Factories.

Read More

API ABUSE IN 2017 (PART 1)

Fri 09 February 2018 By Barry O'Rourke

Category: Business, Threat, Series - API Abuse

2017 has seen our customers tackling a wide range of abuse and misuse of their Mobile APIs. We are seeing multiple approaches where the business process transparency provided by APIs has resulted...

Read More

Page 1 of 6