Blogs by Eric Newcomer
Eric Newcomer
Principal Analyst and CTO at Intellyx, a technology analysis firm focused on enterprise digital transformation.
He previously served as CTO at WSO2 and at IONA, led Security Architecture for Citi’s consumer banking and was Chief Architect for Citi and Credit Suisse’s trade and investment divisions.
Eric is an internationally recognized expert in transaction processing, integration and cloud migration, having contributed to many industry standards including OSGi, Eclipse, SOAP, WSDL, UDDI, AMQP and more. His textbooks, including Principles of Transaction Processing, Understanding Web Services, and Understanding SOA with Web Services are used at universities around the world.
Posts on
- API Security (162)
- Mobile App Authentication (93)
- Mobile App Development (83)
- Mobile Security (75)
- Mobile App Security (71)
- Threats (69)
- API Abuse (63)
- Integration (54)
- API Keys (52)
- API (47)
- MitM Attack (47)
- Bots (39)
- Business (38)
- Certificate Pinning (33)
- Reverse Engineering (31)
- Quickstart (23)
- App Attestation (22)
- Mobile API Security (22)
- TLS (22)
- Healthcare (21)
- Android (20)
- Backend (20)
- Repackaged Apps (20)
- Fintech (18)
- iOS (17)
- Scrapers (16)
- Mobility (13)
- RASP (13)
- Zero Trust (12)
- News (9)
- Android Security (8)
- Fake Accounts (8)
- Run-time Secrets Protection (8)
- Third Party APIs (8)
- Gaming and Gambling (7)
- Man-in-the-Middle attack (7)
- API Gateway (6)
- Account Hijacking (6)
- Mobile Health (6)
- ReactNative (6)
- Retail (6)
- Apple (5)
- Automotive (5)
- HarmonyOS (5)
- OAuth2 (5)
- Reverse Proxy (5)
- Code Obfuscation (4)
- Google (4)
- OWASP (4)
- Aggregators (3)
- CheatingAsAService (3)
- Cross-Platform (3)
- Data Security (3)
- E-Commerce (3)
- Mobile App Distribution (3)
- SafetyNet (3)
- Token-Based API Access (3)
- Web Security (3)
- gRPC (3)
- App Store (2)
- Cloud (2)
- Cordova (2)
- Huawei (2)
- Mobile Banking (2)
- Mobile Finance (2)
- Mobile Payment Security (2)
- Pentesting (2)
- Runtime Application Self-Protection (2)
- SDLC (2)
- AWS (1)
- Account Takeover (1)
- App Shielding (1)
- Aviation (1)
- BOLA (1)
- CNIL (1)
- Connected Cars (1)
- Credential Stuffing (1)
- DMCC (1)
- DeviceCheck (1)
- Frida (1)
- Frontend (1)
- Google Play (1)
- SDK (1)
- Smartphone Act (1)
- Supply-chain (1)
- Travel App (1)
- WAAP (1)
- WAF (1)
- iOT (1)
- over-the-air updates (1)
Popular Posts
- How to Bypass Certificate Pinning with Frida on an Android App
- Revealing the Limitations of Apple DeviceCheck and Apple App Attest
- How to Extract an API Key from a Mobile App by Static Binary Analysis
- MitM Attacks on Android Apps: A Step-by-Step Guide Using Emulators
- Limitations of Google Play Integrity API vs. Approov Mobile Security
- Why Does Your Mobile App Need an API Key?
- Securing HTTPS with Certificate Pinning on Android
- 5 Threats to Mobile Games and 5 Essential Security Measures
- Three Actions You Should Take Right Now to Stop Mobile MitM Attacks
- Epic Games Beat Google, but Lost to Apple - What are the Implications?
- How Poor API Security Led to Major Breaches in 2024
- Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
- Securing APIs with Approov and Cloudflare: A Comprehensive Guide
- Bypassing Certificate Pinning
- Are You Human, Robot or Just Impatient?