Blockchain renders online votes immutable, including fake votes!

Thu 19 March 2020 By David Stewart

Category: Fake Accounts, Bots, Repackaged Apps, API, MitM Attack, API Abuse, API Security

“It's the wave of the future,” declared the US State of West Virginia's Secretary of State of following a limited deployment of a blockchain-based voting app for the state's general midterm elections. For cybersecurity and election integrity advocates, however, the move was “an example of all the things states shouldn’t do when it comes to securing their elections.”

Read More

Approov Serverless Reverse Proxy in the AWS API Gateway

Thu 27 February 2020 By Paulo Renato

Category: API Keys, Integration, Third Party APIs, API, API Security, Reverse Proxy, AWS

 

In my previous article, Using a Reverse Proxy to Protect Third Party APIs, I left you without a solution to secure the purple API key inside the mobile devices in the graphic above from being extracted by the bad guy wearing the orange hat. As promised I am going to show you in this article how you can implement a solution for it.

Rather than securing the purple API key, wouldn’t it be better not to have it in the first place or at least to make sure that if it is extracted then it can’t be used at scale by malicious actors? Well that's what a Mobile App Attestation solution is for, and we will start this article by explaining what it is. Spoiler alert: it allows you to secure your API without needing to ship any type of secret inside your mobile app or, if you already have a secret in your mobile app, it allows you to ensure that the secret can’t be used to abuse your API.

Read More

The Race to Secure Connected Cars

Wed 26 February 2020 By David Stewart

Category: Business, API Security, Mobility, A Series - Mobility Trends

This is the final article in our 3 part review of trends in the Mobility market. In case you missed them, the first part can be found here and the second part can be found here.

In 2015, “white hat” hackers remotely attacked a Jeep Cherokee and left it paralyzed on the side of a highway. They returned in 2016 with an in-vehicle hack to prove that things could get much worse. In 2017, researchers from an IT security company analyzed some of the most popular mobile apps from car manufacturers to find that every app was vulnerable to attacks in some shape or form. In 2018, the number of Black Hat attacks overtook White Hat incidents for the first time in the history of Smart Mobility.

Read More

Using a Reverse Proxy to Protect Third Party APIs

Wed 12 February 2020 By Paulo Renato

Category: API Keys, Third Party APIs, API, API Abuse, API Security, Reverse Proxy

In this article you will start by learning what Third Party APIs are, and why you shouldn’t access them directly from within your mobile app. Next you will learn what a Reverse Proxy is, followed by when and why you should use it to protect the access to the Third Party APIs used in your mobile app.

Read More

Getting Authentication Correct

Wed 22 January 2020 By Skip Hovsmith

Category: API Keys, Mobile App Authentication, API Abuse, API Security

For zero trust mobile apps and APIs, credentials aren’t nearly enough.

Read More

Addressing Vulnerabilities and Abuse for Comprehensive API Security

Fri 17 January 2020 By David Stewart

Category: Business, API, API Abuse, API Security

 

As APIs become a critical part of almost every business, the need to build a robust API security strategy grows infinitely. API calls account for 83% of web traffic, according to the Akamai 2019 [state of the internet] / security: Retail Attacks and API Traffic report. The largest API directory now lists nearly 22,000 public APIs, up from 12,000 in 2015. A majority of companies now consider APIs to be critical to business strategy and imperative for developing partner ecosystems, enhancing customer value and creating new revenue opportunities. Cloud Elements, in its third annual State of API Integration report, recently found that businesses planned to deploy an average of 18 new APIs in 2019, compared to just 11.5 in 2018.

Read More

Page 1 of 1