Blogs by Mark Mazur
Mark Mazur
Field CTO of Approov
Mark Mazur is an accomplished Chief Technology Officer and Field CTO with over 20 years of experience architecting and scaling enterprise, mobile, web, AI, and server software. He has a proven track record of driving technology strategy for high-growth startups and mature organizations across cybersecurity, fintech, ad-tech, messaging, and gaming. Currently serving as the Field CTO at Approov Mobile Security, Mark specializes in mobile app security, API abuse prevention, and zero-trust bot protection. Previously, as CTO at Grow Credit Inc., he led a globally distributed, rapid Agile engineering team of 20+ engineers to deploy a containerized microservice platform and multiple partner integrations serving over 100K active users. Over his distinguished career, he has built robust MVPs, optimized infrastructure, and partnered with CEOs to create massive investor value for companies including TextPlus, Mobilityware, November Media, and NorthBay Solutions.
Posts on
- Mobile API Security (195)
- Mobile App Authentication (93)
- Mobile App Development (84)
- Mobile App Security (78)
- Mobile Security (74)
- Threats (73)
- API Abuse (64)
- Integration (56)
- API Keys (52)
- MitM (49)
- Bots (43)
- Business (38)
- Certificate Pinning (35)
- Reverse Engineering (31)
- Quickstart (26)
- Android Security (24)
- App Attestation (24)
- Backend (23)
- TLS (22)
- Repackaged Apps (20)
- Mobile Finance (18)
- Scrapers (18)
- iOS (17)
- RASP (14)
- Connected Car (13)
- Zero Trust (13)
- Mobile Health (12)
- Gaming and Gambling (11)
- Run-time Secrets Protection (10)
- News (9)
- ReactNative (8)
- Third Party APIs (8)
- Fake Accounts (7)
- Huawei (7)
- Retail (7)
- API Gateway (6)
- Account Hijacking (6)
- Apple (6)
- Compliance & Privacy (6)
- Cybersecurity (5)
- Google (5)
- OAuth2 (5)
- Reverse Proxy (5)
- App Store (4)
- Code Obfuscation (4)
- Cross-Platform (4)
- OWASP (4)
- Aggregators (3)
- Cloud (3)
- Data Security (3)
- E-Commerce (3)
- Mobile App Distribution (3)
- SafetyNet (3)
- Token-Based API Access (3)
- Web Security (3)
- Zero Secret (3)
- gRPC (3)
- Frida (2)
- Frontend (2)
- Mobile Banking (2)
- Mobile Payment Security (2)
- Pentesting (2)
- Runtime Application Self-Protection (2)
- SDLC (2)
- AI Scraping (1)
- Agentic AI (1)
- App Shielding (1)
- CNIL (1)
- Credential Stuffing (1)
- DeviceCheck (1)
- Google Play (1)
- Government (1)
- Supply-chain (1)
Popular Posts
- How to Bypass Certificate Pinning with Frida on an Android App
- Revealing the Limitations of Apple DeviceCheck and Apple App Attest
- Limitations of Google Play Integrity API vs. Approov Mobile Security
- How to Extract an API Key from a Mobile App by Static Binary Analysis
- MitM Attacks on Android Apps: A Step-by-Step Guide Using Emulators
- Securing APIs with Approov and Cloudflare: A Comprehensive Guide
- Three Actions You Should Take Right Now to Stop Mobile MitM Attacks
- Are You Human, Robot or Just Impatient?
- 5 Threats to Mobile Games and 5 Essential Security Measures
- Bypassing Certificate Pinning
- Secure Your Mobile App from Geo-Spoofing with Robust API Integration
- Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
- How to Ride the Bus for Free (Hackers Need Not Apply)
- Why Does Your Mobile App Need an API Key?
- Protect Mobile API: Prevent Certificate Pinning Bypass with Approov