David Stewart

Top 5 Threats to APIs Servicing Mobile Apps

Sun 29 March 2020 By David Stewart

Category: Fake Accounts, Scrapers, Bots, Repackaged Apps, MitM Attack, API Abuse, API Security

 

As mobile apps become increasingly paramount to operating successfully in today’s markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, “API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.” Since every mobile app out there is powered by APIs, securing them is clearly a top priority.

Read More

Blockchain renders online votes immutable, including fake votes!

Thu 19 March 2020 By David Stewart

Category: Fake Accounts, Bots, Repackaged Apps, API, MitM Attack, API Abuse, API Security

“It's the wave of the future,” declared the US State of West Virginia's Secretary of State of following a limited deployment of a blockchain-based voting app for the state's general midterm elections. For cybersecurity and election integrity advocates, however, the move was “an example of all the things states shouldn’t do when it comes to securing their elections.”

Read More

The Race to Secure Connected Cars

Wed 26 February 2020 By David Stewart

Category: Business, API Security, Mobility, A Series - Mobility Trends

This is the final article in our 3 part review of trends in the Mobility market. In case you missed them, the first part can be found here and the second part can be found here.

In 2015, “white hat” hackers remotely attacked a Jeep Cherokee and left it paralyzed on the side of a highway. They returned in 2016 with an in-vehicle hack to prove that things could get much worse. In 2017, researchers from an IT security company analyzed some of the most popular mobile apps from car manufacturers to find that every app was vulnerable to attacks in some shape or form. In 2018, the number of Black Hat attacks overtook White Hat incidents for the first time in the history of Smart Mobility.

Read More

Traditional OEMs in a Mobility-as-a-Service World

Tue 25 February 2020 By David Stewart

Category: Business, Mobility, A Series - Mobility Trends

This is the second article in our 3 part review of trends in the Mobility market. If you missed the first part,  you can find it here.

Electric vehicles (EVs), with a mere 1.7% market share in 2019, are still at least a few years away from going mass market. This segment is expected to hit mass market adoption by 2025 and then build up to a share of about half of all new car sales by 2040.

Read More

The Rise of On-Demand Mobility

Mon 24 February 2020 By David Stewart

Category: Business, Mobility, A Series - Mobility Trends

This is the first  article in a 3 part review of trends in the Mobility market. The complete series can be found here.

The Mobility market has become a key sector for Approov deployment over the last few years. Therefore we thought it would be interesting to take a look at this market in detail, to understand its underlying forces and trends. This is the first of a series of 3 blog articles on the topic.

Last year, the global car market posted its sharpest decline in sales – by 3 million according to one study, 4 million according to another – since the financial crisis of the last decade. The worse news is that neither study predicts a quick return to normal growth any time soon. In fact, 2022 is the earliest estimate for a global recovery.

Read More

Addressing Vulnerabilities and Abuse for Comprehensive API Security

Fri 17 January 2020 By David Stewart

Category: Business, API, API Abuse, API Security

 

As APIs become a critical part of almost every business, the need to build a robust API security strategy grows infinitely. API calls account for 83% of web traffic, according to the Akamai 2019 [state of the internet] / security: Retail Attacks and API Traffic report. The largest API directory now lists nearly 22,000 public APIs, up from 12,000 in 2015. A majority of companies now consider APIs to be critical to business strategy and imperative for developing partner ecosystems, enhancing customer value and creating new revenue opportunities. Cloud Elements, in its third annual State of API Integration report, recently found that businesses planned to deploy an average of 18 new APIs in 2019, compared to just 11.5 in 2018.

Read More

Apple DeviceCheck and CriticalBlue Approov

Sat 27 April 2019 By David Stewart

Category: API Keys, Android, Mobile App Authentication, Repackaged Apps, Reverse Engineering, Threats, SafetyNet, DeviceCheck

Image credit

We are often asked by customers and prospects to compare our beloved Approov with Apple's DeviceCheck offering. Since DeviceCheck is intended to uniquely identify iOS phone instances then this is a reasonable question. However, DeviceCheck and Approov are designed to do quite different things and therefore we wrote a handy guide to help our customers appreciate when to employ each solution and why. You can download the guide from here.

Read More

Google SafetyNet and CriticalBlue Approov

Sat 27 April 2019 By David Stewart

Category: API Keys, Android, Mobile App Authentication, Repackaged Apps, Reverse Engineering, Threats, SafetyNet, DeviceCheck

Image credit

We are often asked by customers and prospects to compare our beloved Approov with Google's SafetyNet offering. Since SafetyNet is intended to identify genuine Android instances then this is a reasonable question. However, SafetyNet and Approov are designed to do quite different things and therefore we wrote a handy guide to help our customers appreciate when to employ each solution and why. You can download the guide from here.

Read More

42CRUNCH AND CRITICALBLUE ANNOUNCE PARTNERSHIP

Fri 23 November 2018 By David Stewart

Category: News, Integration, Business, Mobile App Authentication


Joint solution to ensure APIs are built correctly and used legitimately.  

Read More

POSITIVE TECHNOLOGIES PARTNERS WITH CRITICALBLUE

Mon 29 January 2018 By David Stewart

Category: News, Business, Mobile App Authentication

Happy to announce that we are partnering with the great people at Positive Technologies to provide comprehensive protection across both Mobile and Web Channels. See the full press release for details on the API security partners.

Read More

Page 1 of 2