The State of Mobile App Security in 2022 in Financial Services

August 17, 2022

Introduction and Context This blog provides a snapshot of mobile app security in Financial Services based on an extensive study performed by Osterman Research and published in the Approov-sponsored report “The State of Mobile App Security in 2022”, in July this year. Read Full Story

The State of Mobile App Security in 2022 in Healthcare

August 17, 2022

Introduction and Context This blog provides a snapshot of mobile app security in Healthcare based on an extensive study performed by Osterman Research and published in the Approov-sponsored report “The State of Mobile App Security in 2022", in July this year. Read Full Story

Why Should You Keep Your API Key Secure?

July 12, 2022

Attacks against APIs are increasing and API key protection is central to minimizing your business risks. In this article we’ll look at what your exposures are and what you should do about it. Read Full Story

Hands-on Mobile App and API Security - Runtime Secrets Protection

July 4, 2022

In a previous article we saw how to protect API keys by using Mobile App Attestation and delegating the API requests to a Proxy. This blog post will cover the situation where you can’t delegate the API requests to the Proxy, but where you want to remove the API keys (secrets) from being hard-coded in your mobile app to mitigate against the use of static binary analysis and/or runtime instrumentation techniques to extract those secrets. Read Full Story

How Should API Keys be Stored?

June 27, 2022

Mobile app developers keep hearing that they shouldn’t store API keys in their app code but they don’t hear where they should store them. In this article we discuss the topic and provide some practical solutions. Read Full Story

How To Add Security To Your Mobile App

June 21, 2022

In a previous article, we discussed “When do we add security into our app and onto our APIs?” The conclusion was to do it as soon as possible! That said, there are still choices to be made so in this article we explore how you should decide on appropriate protections for your mobile app and APIs. Read Full Story

How to Prevent API Abuse

May 27, 2022

API abuse, when the API is used in an unexpected way, is a growing problem in software development and one of the leading attack vectors cybercriminals exploit. According to a recent security research report that surveyed more than 200 enterprise security professionals, there was a 21.32% growth in malicious API call volume between December 2020 and December 2021. The same study also established that 95% of respondents had suffered an API security incident in the past year. Read Full Story

How Can I Protect My Mobile API?

May 26, 2022

As any mobile developer knows, APIs are the foundation of any mobile app strategy. They allow developers to quickly and efficiently access the data and functionality they need to build amazing apps. This article outlines a 5 step checklist to make sure your mobile platform is adopting best practice security. Read Full Story

When To Add Security To Your New Mobile App

May 23, 2022

Whether you are a brand new company bringing a mobile-centric digital service to market, or an established company introducing a new mobile offering, there will - hopefully - come a time when someone asks “When do we add security into our app and onto our APIs?” In this article we explore this question and provide some guidance on how to reach the right conclusion for your business. Read Full Story

What Are the Most Common Types of Mobile Man-in-the-Middle Attacks?

May 18, 2022

A Man-in-the-Middle attack can come in multiple forms. This article describes these and how you can mitigate such attacks. Read Full Story