Unintentional Unpinning with Firebase
A recent feature addition to Firebase introduces a bug which disables Certificate Pinning. Check if your app is impacted and upgrade to the latest version to get the fix!
API Protection Requires Both User and App Authentication
As an API provider, you register and authenticate users and identify the app they are calling from, but is that enough to protect access and your revenue stream from malicious actors?
Whitelists and Indirection Go Together Like Chocolate and Peanut Butter
Android may have its treats, but for app and API security, whitelists and indirection used together are their own taste sensation.
CriticalBlue wins a 2017 API Award
Approov selected as the winner in the API Security category!
The Problem with Pinning
Certificate pinning makes it impossible to eavesdrop on the contents of an app’s communications with its backend server. So why is it so rarely deployed?