Skip Hovsmith

Improve the Security of API Keys

Wed 24 July 2019 By Skip Hovsmith

Category: API Keys, Mobile App Authentication, Reverse Engineering, API, Mobile App Development, MitM Attack

Securely identify your API Caller

Read More

Preventing Mobile App and API Abuse

Thu 21 March 2019 By Skip Hovsmith

Category: TLS, Android, iOS, Mobile App Authentication, OAuth2, API, Mobile App Development

 
Read More

How to Pin Mobile gRPC Channels

Mon 04 March 2019 By Skip Hovsmith

Category: TLS, Android, API, Mobile App Development, gRPC

Last-mile Security for gRPC-connected mobile APIs

Read More

Consider gRPC for Mobile APIs

Tue 05 February 2019 By Skip Hovsmith

Category: Android, API, Mobile App Development, gRPC

EVALUATING GRPC REQUEST-RESPONSE, AUTHENTICATION, AND STREAMING

gRPC is an open source remote procedure call (RPC) framework that runs across many different client and server platforms. It commonly uses protocol buffers (protobufs) to efficiently serialize structured data for communication, and it is used extensively in distributed and microservice-based systems.

Read More

Strengthen TLS in React Native Through Certificate Pinning - iOS Edition

Fri 30 November 2018 By Skip Hovsmith

Category: TLS, ReactNative, iOS

Enhance React Native’s networking API protection on Android and iOS without touching your Javascript code or manually editing the native code projects.

The first edition of this article implemented TLS certificate pinning for React Native apps on Android. Since then, the react-native-cert-pinner package has been enhanced to support pinning on iOS devices, and this edition of the post walks through the previous example for iOS. 

Read More

STRENGTHEN TLS IN REACT NATIVE THROUGH CERTIFICATE PINNING

Tue 14 August 2018 By Skip Hovsmith

Category: Android, ReactNative

Beginning in July 2018 with the 68 release, Chrome began marking all sites not running HTTPS (TLS over HTTP) as “not secure”. TLS uses site certificates to establish a chain of trust and encrypt communication at the transport layer.

Read More

REACT NATIVE: BRIDGING AN IOS NATIVE MODULE FOR APP AUTHENTICATION

Wed 09 May 2018 By Skip Hovsmith

Category: ReactNative, iOS

Photo by Liu Zai Hou on Unsplash

Read More

REACT NATIVE: BRIDGING AN ANDROID NATIVE MODULE FOR APP AUTHENTICATION

Wed 02 May 2018 By Skip Hovsmith

Category: Android, ReactNative

Photo by NGO TUNG on Unsplash

Read More

A TOUR OF API UNDERPROTECTION

Tue 03 April 2018 By Skip Hovsmith

Category: API Keys, Integration, TLS

AN OWASP APPSEC CALIFORNIA 2018 TALK

The fifth annual OWASP AppSec California was held in late January 2018 on the beach in Santa Monica. AppSec California is organized and run by an all-volunteer staff, and they put on a great conference — highly recommended. Besides excellent content and a chance to interact with many interesting colleagues, who wouldn’t want to hang out on the beach for a few days?

Read More

STRENGTHENING OAUTH2 FOR MOBILE

Wed 03 January 2018 By Skip Hovsmith

Category: TLS, Mobile App Authentication, OAuth2

Photo by Patrick Metzdorf on Unsplash

Read More

Page 1 of 3