Skip Hovsmith

The new React Native Approov Quickstart provides automated integration of Approov API threat protection for most React Native apps. Read Full Story

ShipFast and ShipRaider made a fresh appearance at the RSA Conference in late February 2020 in San Francisco. This time the focus was on API security for React Native Apps:   Read Full Story

For zero trust mobile apps and APIs, credentials aren’t nearly enough. Read Full Story

Securely identify your API Caller Read Full Story

This post includes a video of SKip Hovsmith's talk on preventing mobile app and API abuse at the 2019 AppSec California Conference.   Read Full Story

Last-mile Security for gRPC-connected mobile APIs Read Full Story

EVALUATING GRPC REQUEST-RESPONSE, AUTHENTICATION, AND STREAMING gRPC is an open source remote procedure call (RPC) framework that runs across many different client and server platforms. It commonly uses protocol buffers (protobufs) to efficiently serialize structured data for communication, and it is used extensively in distributed and microservice-based systems. Read Full Story

Enhance React Native’s networking API protection on Android and iOS without touching your Javascript code or manually editing the native code projects. The first edition of this article implemented TLS certificate pinning for React Native apps on Android. Since then, the react-native-cert-pinner package has been enhanced to support pinning on iOS devices, and this edition of the post walks through the previous example for iOS.  Read Full Story

Beginning in July 2018 with the 68 release, Chrome began marking all sites not running HTTPS (TLS over HTTP) as “not secure”. TLS uses site certificates to establish a chain of trust and encrypt communication at the transport layer. Read Full Story

Photo by Liu Zai Hou on Unsplash Read Full Story