This blog describes how to get complete end-to-end protection for your API keys and other secrets,...
Approov Blog
Stay up to date on Mobile App and API Security
It’s 2025 — attackers aren’t cracking apps line by line anymore. They’re running them, modifying...
We have discussed the connected car market in previous blogs. The Smart Home - with multiple IoT...
Open-source projects and DIY communities are tapping into real-time data from medical devices to...
APIs (Application Programming Interfaces) are the unsung heroes in an interconnected digital world....
Listen up. That digital gold in your crypto wallet? North Korean hackers want it, and they're...
Posts on
- API Security (157)
- Mobile App Authentication (93)
- Mobile App Development (82)
- Mobile Security (74)
- Threats (67)
- Mobile App Security (63)
- API Abuse (62)
- Integration (54)
- API Keys (52)
- API (48)
- MitM Attack (46)
- Bots (39)
- Business (38)
- Certificate Pinning (32)
- Reverse Engineering (31)
- Quickstart (23)
- Healthcare (21)
- TLS (21)
- Android (20)
- App Attestation (20)
- Backend (20)
- Repackaged Apps (20)
- Fintech (18)
- iOS (17)
- Mobile API Security (16)
- Scrapers (14)
- Mobility (13)
- RASP (13)
- News (9)
- Zero Trust (9)
- Android Security (8)
- Fake Accounts (8)
- Run-time Secrets Protection (8)
- Third Party APIs (8)
- Gaming and Gambling (7)
- Man-in-the-Middle attack (7)
- API Gateway (6)
- Account Hijacking (6)
- ReactNative (6)
- Automotive (5)
- HarmonyOS (5)
- Mobile Health (5)
- OAuth2 (5)
- Reverse Proxy (5)
- Apple (4)
- Code Obfuscation (4)
- Google (4)
- OWASP (4)
- Retail (4)
- Aggregators (3)
- CheatingAsAService (3)
- Mobile App Distribution (3)
- SafetyNet (3)
- Token-Based API Access (3)
- Web Security (3)
- gRPC (3)
- App Store (2)
- Cloud (2)
- Cordova (2)
- Cross-Platform (2)
- Data Security (2)
- Huawei (2)
- Mobile Banking (2)
- Mobile Finance (2)
- Mobile Payment Security (2)
- Pentesting (2)
- Runtime Application Self-Protection (2)
- SDLC (2)
- AWS (1)
- Account Takeover (1)
- App Shielding (1)
- Aviation (1)
- BOLA (1)
- CNIL (1)
- Connected Cars (1)
- Credential Stuffing (1)
- DMCC (1)
- DeviceCheck (1)
- E-Commerce (1)
- Frida (1)
- Frontend (1)
- Google Play (1)
- SDK (1)
- Smartphone Act (1)
- WAAP (1)
- WAF (1)
- over-the-air updates (1)
Popular Posts
- How to Bypass Certificate Pinning with Frida on an Android App
- Revealing the Limitations of Apple DeviceCheck and Apple App Attest
- How to Extract an API Key from a Mobile App by Static Binary Analysis
- MitM Attacks on Android Apps: A Step-by-Step Guide Using Emulators
- Why Does Your Mobile App Need an API Key?
- Limitations of Google Play Integrity API vs. Approov Mobile Security
- Securing HTTPS with Certificate Pinning on Android
- How Poor API Security Led to Major Breaches in 2024
- 5 Threats to Mobile Games and 5 Essential Security Measures
- Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
- Protect Mobile API: Prevent Certificate Pinning Bypass with Approov
- Epic Games Won Against Google but Lost to Apple - What are the Implications?
- Bypassing Certificate Pinning
- How to Ride the Bus for Free (Hackers Need Not Apply)
- Three Actions You Should Take Right Now to Stop Mobile MitM Attacks