Strengthen TLS in React Native Through Certificate Pinning - iOS Edition

Fri 30 November 2018 By Skip Hovsmith

Category: iOS, TLS, ReactNative

Enhance React Native’s networking API protection on Android and iOS without touching your Javascript code or manually editing the native code projects.

Read More

A TOUR OF API UNDERPROTECTION

Tue 03 April 2018 By Skip Hovsmith

Category: API Keys, Integration, TLS

AN OWASP APPSEC CALIFORNIA 2018 TALK

The fifth annual OWASP AppSec California was held in late January 2018 on the beach in Santa Monica. AppSec California is organized and run by an all-volunteer...

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 4

Thu 18 January 2018 By Simon Rigg

Category: Mobile App Authentication, Integration, Repackaged Apps, TLS, A Series - ShipFast

Welcome back! This is the fourth and final part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various exploits in a mobile...

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 3

Wed 17 January 2018 By Simon Rigg

Category: Mobile App Authentication, Integration, Repackaged Apps, TLS, A Series - ShipFast

Welcome back! This is the third part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various exploits in a mobile application to...

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 2

Tue 16 January 2018 By Simon Rigg

Category: Mobile App Authentication, Integration, Repackaged Apps, TLS, A Series - ShipFast

Welcome back! This is the second part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various API security exploits in a mobile...

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 1

Fri 12 January 2018 By Simon Rigg

Category: Mobile App Authentication, Integration, Repackaged Apps, TLS, A Series - ShipFast

Welcome! A quick question: Do you know what’s using your API? Really?

Read More

STRENGTHENING OAUTH2 FOR MOBILE

Wed 03 January 2018 By Skip Hovsmith

Category: Mobile App Authentication, OAuth2, TLS

Photo by Patrick Metzdorf on Unsplash

Read More

TOUGHEN UP SOFT CERTIFICATE PINNING WITH APPROOV

Thu 14 December 2017 By Barry O'Rourke

Category: TLS, Integration

Devops just mailed to say they will rotate the certificates on all of the endpoints today, mentioned the Engineering Manager at one of our customers, that’s unexpected, I wonder what happened.

Read More

ADDING OAUTH2 TO MOBILE ANDROID AND IOS CLIENTS USING THE APPAUTH SDK

Mon 23 October 2017 By Skip Hovsmith

Category: Mobile App Authentication, OAuth2, TLS

OAuth2, often combined with OpenID-Connect, is a popular authorization framework that enables applications to protect resources from unauthorized access. It delegates user authentication to an...

Read More

THE PROBLEM WITH PINNING

Thu 13 July 2017 By Barry O'Rourke

Category: Mobile App Authentication, Integration, TLS

Certificate or Public Key Pinning is an extension to TLS that is highly effective for bot mitigation by protecting the HTTPS connection between your app and API from snooping by third parties ...

Read More

Page 1 of 2