Closing Both Web and Mobile Doors To Automated Traffic

March 16, 2021

In this article we will look at the challenges of making sure that bots and other automated traffic can’t gain access to your backend systems, no matter how they try. Most enterprises offer services through their website and their mobile app and both attack surfaces must be considered. Ensuring that both channels are properly defended will prevent DDoS, credential stuffing, data scraping and other fraudulent exploits from occurring. Read Full Story

Approov Integration for Python FastAPI Backends

March 9, 2021

Python FastAPI framework’s first commit dates from 5th December 2018, followed by the first release on 25th December 2018. It was created by Sebastián Ramírez as a direct reflection of his several years of experience in creating APIs with complex requirements. Read Full Story

Clubhouse Needs A Bouncer

February 26, 2021

Even if you only have a vague interest in app security I’m sure the recent furore around Clubhouse hasn’t escaped your attention. There is significant buzz around this invite-only iOS app. Enabling live audio chat rooms between participants, it sets the expectation that these interactions are somewhat private and certainly not recorded.  With big celebrity names such as Elon Musk, Kanye West and Oprah Winfrey as users there is a significant demand for a coveted invite. Read Full Story

Building Your Gold Standard For Account Access

February 16, 2021

In this article we are going to look at the key use cases you should consider around protecting access to your users’ accounts and what you should think about when building your gold standard security to protect them. Read Full Story

Approov Flutter Quickstart

January 27, 2021

Flutter is one of the most popular development toolkits for building cross platform applications. Created by Google and open source it is targeted at the development of mobile apps for Android and iOS with full support for inclusion of native libraries. Flutter can also be used to build apps for the web and desktop, but our focus is on mobile apps. Read Full Story

Balancing Mobile App and API Protection

January 18, 2021

A common discussion that comes up with customers is how they should consider the security requirements of their mobile apps and of the APIs that service them. A recent incident involving Nissan provides a reminder of how easily best laid protections can unravel. Read Full Story

Approov Integration for Elixir Phoenix Channels Backends

January 15, 2021

The Elixir programming language was created by Jose Valim in 2012 as a research project at Plataformatec, the company he worked at the time. You can watch Elixir: The Documentary where he tells in the first person more about the motivations and reasons behind writing it. Read Full Story

Approov Integration for Swift Vapor Backends

January 8, 2021

Vapor is a framework written in the Swift programming language that brings the language from the iOS platform to the backend, thus allowing developers to develop the mobile app and the backend in the same programming language. Vapor was initially released on December 3, 2015, just one month after Apple open sourced Swift and started to add support for the Linux platform. Read Full Story

Man-in-the-Middle: Myths and Legends

January 6, 2021

Man-in-the-Middle (MitM), or more correctly Person-in-the-Middle, is the technique of inserting yourself into API traffic to observe or manipulate requests and transactions as they pass by. In this article we’ll look at how it’s done and what you should do to prevent it, exploding a few misapprehensions on the way. Read Full Story

Approov Integration for Golang Backends

December 15, 2020

Go was developed at Google in 2007 by Robert Griesemer, Rob Pike, and Ken Thompson, but only publicly announced in November 2009. Go is a static typed, compiled and procedural programming language and was designed with the aim of improving developers’ productivity at Google. The language was created to address the criticism of other ones used at Google, such as C++, Python and Javascript, while at same retaining their good characteristics. The primary motivation to create Go was the shared dislike of C++ by the initial authors. Read Full Story