20 February, 2026
Blogs by Adrian Tukendorf
Adrian Tukendorf
Adrian Tukendorf is a software engineer at Approov, where he helps build and improve the systems that protect mobile apps and APIs from abuse. He works across the stack, partnering with product and engineering teams to turn complex security requirements into reliable, developer-friendly features—always with an eye on performance, scalability, and a great integration experience. At Approov, Adrian is especially interested in the practical side of security: making strong protections easy to adopt, easy to operate, and hard to bypass. Whether he’s refining core services, strengthening the SDK experience, or improving internal tooling and observability, his focus is on shipping robust solutions that teams can trust in production.
Posts on
- Mobile API Security (184)
- Mobile App Authentication (93)
- Mobile App Development (83)
- Mobile Security (74)
- Mobile App Security (72)
- Threats (69)
- API Abuse (64)
- Integration (55)
- API Keys (52)
- MitM (48)
- Bots (39)
- Business (37)
- Certificate Pinning (33)
- Reverse Engineering (31)
- Quickstart (25)
- Android Security (23)
- Backend (23)
- App Attestation (22)
- TLS (22)
- Repackaged Apps (20)
- Mobile Finance (17)
- Scrapers (17)
- iOS (17)
- Mobility (13)
- RASP (13)
- Mobile Health (12)
- Zero Trust (12)
- Gaming and Gambling (9)
- News (9)
- Run-time Secrets Protection (8)
- Third Party APIs (8)
- Fake Accounts (7)
- ReactNative (7)
- Retail (7)
- API Gateway (6)
- Account Hijacking (6)
- Compliance & Privacy (6)
- Huawei (6)
- Apple (5)
- OAuth2 (5)
- Reverse Proxy (5)
- Code Obfuscation (4)
- Google (4)
- OWASP (4)
- Aggregators (3)
- Cross-Platform (3)
- Data Security (3)
- E-Commerce (3)
- Mobile App Distribution (3)
- SafetyNet (3)
- Token-Based API Access (3)
- Web Security (3)
- gRPC (3)
- App Store (2)
- Cloud (2)
- Frontend (2)
- Mobile Banking (2)
- Mobile Payment Security (2)
- Pentesting (2)
- Runtime Application Self-Protection (2)
- SDLC (2)
- App Shielding (1)
- CNIL (1)
- Credential Stuffing (1)
- DeviceCheck (1)
- Frida (1)
- Google Play (1)
- SDK (1)
- Supply-chain (1)
- WAAP (1)
- WAF (1)
- iOT (1)
- over-the-air updates (1)
Popular Posts
- How to Bypass Certificate Pinning with Frida on an Android App
- Revealing the Limitations of Apple DeviceCheck and Apple App Attest
- How to Extract an API Key from a Mobile App by Static Binary Analysis
- MitM Attacks on Android Apps: A Step-by-Step Guide Using Emulators
- Limitations of Google Play Integrity API vs. Approov Mobile Security
- Three Actions You Should Take Right Now to Stop Mobile MitM Attacks
- Why Does Your Mobile App Need an API Key?
- 5 Threats to Mobile Games and 5 Essential Security Measures
- Securing HTTPS with Certificate Pinning on Android
- Securing APIs with Approov and Cloudflare: A Comprehensive Guide
- Are You Human, Robot or Just Impatient?
- Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
- Bypassing Certificate Pinning
- Epic Games Beat Google, but Lost to Apple - What are the Implications?
- How to Ride the Bus for Free (Hackers Need Not Apply)