APPROOV INTEGRATION IN A PYTHON FLASK API

Mon 04 February 2019 By Paulo Renato

Category: Integration, Mobile App Authentication

This walk-though will show us how simple it is to integrate Approov in a current API server using Python and the Flask framework.

We will see the requirements, dependencies and a step by step walk-through over the code necessary to implement Approov in a Python Flask API.

Before we tackle the integration of Approov we need first to know how Approov validation is processed in the server and how to setup the environment to follow this walk-through.

Note that this article assumes a basic understanding of the Approov mechanics. If you need an overview of that, please read first the Approov in Detail page.

 

Read More

THE TOP 6 MOBILE API PROTECTION TECHNIQUES - ARE THEY ENOUGH?

Sat 22 December 2018 By Paulo Renato

Category: API Keys, Mobile App Authentication, Scrapers, Bots, Threats

APIs are a necessary and central part of the strategy of any digital business that wants to stay competitive and monetize its assets. Additionally, end users’ form factor of choice when using digital services is now firmly mobile. The trend towards APIs and mobile devices has moved the attack surface in a significant way and digital businesses must adapt and evolve their security policies accordingly.

Read More

42CRUNCH AND CRITICALBLUE ANNOUNCE PARTNERSHIP

Fri 23 November 2018 By David Stewart

Category: News, Integration, Business, Mobile App Authentication


Joint solution to ensure APIs are built correctly and used legitimately.  

Read More

WHAT CAN YOU ACHIEVE IN YOUR 1 MONTH FREE TRIAL OF APPROOV?

Wed 07 February 2018 By Jae Hossell

Category: Integration, Mobile App Authentication

Approov is first and foremost an API protection solution for bot mitigation, however, while performing this task it also gives insight into the types and state of devices that are communicating with the protected services. For example, do you want to know the proportion of connections coming from unauthorised software: bots, scripts, or repackaged apps? Do you want to know if your communications are being intercepted, if the mobile device is rooted, if your app is running in an emulator, or if there is a debugger or framework attached? These types of questions can be answered with an Approov integration and you can even start getting at these nuggets before the end of your free trial.

Read More

POSITIVE TECHNOLOGIES PARTNERS WITH CRITICALBLUE

Mon 29 January 2018 By David Stewart

Category: News, Business, Mobile App Authentication

Happy to announce that we are partnering with the great people at Positive Technologies to provide comprehensive protection across both Mobile and Web Channels. See the full press release for details on the API security partners.

Read More

APPROOV IN PARALLEL WITH USER AUTHENTICATION

Mon 22 January 2018 By Jae Hossell

Category: Business, Mobile App Authentication, Bots

In my last post in this series, I introduced Approov, the app authentication solution, and described how it tackles the problem of API protection in a novel and proactive way. In this post, I want to focus on the reasons API publishers need app authentication as part of their mobile security defense, and specifically why it should work alongside user authentication. In our discussions with new customers we often find that we need to explain the difference between the two as well as the contributions that each one provides.

Read More

A BRIEF INTRODUCTION TO APPROOV

Fri 19 January 2018 By Jae Hossell

Category: API Keys, Mobile App Authentication, Scrapers, Repackaged Apps

An article on wired summarises 25 data breaches that made headlines during 2017. The implication in the article, and the general impression of those who take an interest, is that 2018 will bring more of the same in an ever accelerating trend of discovery and disclosure. The growth in attacks indicates that companies of all sizes should continually raise the defensive bar and Approov raises that bar significantly. In this short post I will provide a high-level view of what Approov does and how it works.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 4

Thu 18 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome back! This is the fourth and final part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various exploits in a mobile application to gain access to data on a remote server allowing real users of the system to gain an unfair business advantage at the expense of the company.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 3

Wed 17 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome back! This is the third part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various exploits in a mobile application to gain access to data on a remote server allowing real users of the system to gain an unfair business advantage at the expense of the company.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 2

Tue 16 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome back! This is the second part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various API security exploits in a mobile application to gain access to data on a remote server allowing real users of the system to gain an unfair business advantage at the expense of the company.

Read More

Page 2 of 4