In the final part of this four-part series, we’ll recommend what actions you should take, and when you should take them, in order to implement effective shielding of your mobile app and the APIs it uses.
In part 1 we looked at the threats to APIs and mobile apps; in part 2 we looked at the active attack surfaces which are available to hackers in a mobile-centric platform; and in part 3 we examined some methods you could employ to defend your platform against attacks of various kinds.
Here is a refresher of some of the main observations from the previous articles in the series:
So what should your approach be to protecting a mobile-first business, and in what order should you take the necessary steps? It’s tempting to focus first on finding vulnerabilities in your APIs so that you can remove them and sleep better at night. However, getting a basic shield in place first should be your immediate priority.
We would propose the following steps, in priority order, to be started right away:
We hope that you have found this blog series informative and useful. If anything is unclear, if you would like to ask a question, or if you would like to talk to one of our mobile app/API security experts, please get in touch.