Approov.io Sitemap
Features
Developer Docs
Forms
- All That We Let In
- Mobile App Attestation
- How to Eliminate Hardcoded API Keys from Your Apps
- How to Prevent Mobile Man-in-the-Middle (MitM) Attacks
- Mobile API Security: Using Keys and Tokens
- Mobile App Protection
- Achieving OWASP Mobile App Resilience with Approov
- The New Healthcare Ecosystem will depend on FHIR APIs, But Are They Secure?
- Webinar: Best Practices For Secure API Access From Mobile Apps Without Exposing API Keys
- Whitepaper: Best Practices For Secure API Access From Mobile Apps Without Exposing API Keys
- Serverless API Proxy in the Cloud
- The State of Mobile App Security 2022
Blogs
- What is “Bank-Grade Security” and is it Enough?
- Can you protect e-scooters from Vandalism and Fraud?
- Comparing Mobile App & API Security from Approov to Zimperium (A-Z)
- Mobile API Security Best Practices
- Mobile API Security Myths
- Zero-Trust Alone Proves Inadequate for Securing APIs
- Mobile App Security Myths
- Mobile App Security Checklist
- Is Code Obfuscation Worth it?
- What is Runtime Application Self-Protection (RASP)?
- Mobile App Security Best Practices
- What You Need to Know About Broken Object Level Authorization (BOLA)
- China and India present new Challenges and Opportunities
- Mobile App Security: Uncovering the Risks of Secret Theft at Runtime
- Do You Want to Know a Secret? Just Take a Look Inside Top Finance Apps
- ChatGPT and API Security
- Approov’s Resolution for the New Year is Securing your Healthcare Data
- How to Prevent API Abuse on Mobile Apps
- Can I Share My API Key?
- Is Certificate Pinning Worth it?
- What is SafetyNet and How Does it Improve Android Security?
- Securing Mobile Gambling Platforms
- How Do I Protect My Flutter App?
- The False Economics of Agentless Security for Mobile
- Securing Electric Vehicle Charging Platforms
- How Do I Make My API Gateway Secure?
- How Can Bots Be Prevented?
- What is Bot Protection?
- Approov Integration for the Tyk API Gateway
- Is an API Gateway Secure?
- What is a Bot Manager?
- What are Bot Attacks?
- Approov Integration for the NodeJS NestJS Framework
- Is API authentication secure?
- The State of Mobile App Security in 2022 in Financial Services
- The State of Mobile App Security in 2022 in Healthcare
- Why Should You Keep Your API Key Secure?
- Hands-on Mobile App and API Security - Runtime Secrets Protection
- How Should API Keys be Stored?
- How To Add Security To Your Mobile App
- How to Prevent API Abuse
- How Can I Protect My Mobile API?
- When To Add Security To Your New Mobile App
- What Are the Most Common Types of Mobile Man-in-the-Middle Attacks?
- What Does Certificate Pinning Protect Against?
- How is Certificate Pinning Done?
- The Risks & Rewards of Travel by Mobile
- What Is In-App Protection?
- How Do You Make a Mobile App Secure?
- What is Mobile App Shielding?
- Shielding APIs that Service Mobile Apps: Part 4 - When?
- Approov GRPC Quickstarts
- Shielding APIs that Service Mobile Apps: Part 3 - How?
- Shielding APIs that Service Mobile Apps: Part 2 - What?
- Shielding APIs that Service Mobile Apps: Part 1 - Why?
- Hacking Financial APIs - New Report, Familiar Results
- Shift Left but Shield Right - and what are the options?
- Shift Left but Shield Right - but what does that mean?
- How to Defend against App Impersonation in 2022
- FHIR API Security Research- 3 Actions for Mobile Healthcare Companies
- FHIR API Security Research Sparks Debate
- How Certificate Pinning Helps Thwart Mobile MitM Attacks
- Approov Dynamic Certificate Pinning
- Our Certificate Pinning Configuration Tool
- How To Protect Against Account Takeover In 2021
- Ensuring Secure Remote Care For The Elderly
- 7 Ways to Defend Mobile Apps and APIs from Cyberattacks
- Fake Apps & Fintechs
- Approov Integration for the AWS API Gateway Platform
- API-First Strategies Require API-First Security
- Pentesting Mobile Platforms - A Short Guide Based On Experience
- The Mobile Attack Pyramid
- Approov Web Protection with FingerprintJS
- Approov Web Protection with hCaptcha
- Approov Web Protection with Google reCAPTCHA V3
- Tipping Point for the Car Rental Industry
- Guest Blog: Alissa Knight on ‘Playing with FHIR’
- Guest Blog: Authentication & Authorization in FHIR APIs'
- Approov Integration for the Azure API Management Platform
- API Keys Can Be Phished Too
- How to Bypass Certificate Pinning with Frida on an Android App
- How to MitM Attack the API of an Android App
- Guest Blog: Alissa Knight on 'Standing Outside The FHIR'
- React Native Automated Quickstart
- Closing Both Web and Mobile Doors To Automated Traffic
- Approov Integration for Python FastAPI Backends
- Clubhouse Needs A Bouncer
- Building Your Gold Standard For Account Access
- Approov Flutter Quickstart
- Balancing Mobile App and API Protection
- Approov Integration for Elixir Phoenix Channels Backends
- Approov Integration for Swift Vapor Backends
- Man-in-the-Middle: Myths and Legends
- Approov Integration for Golang Backends
- App and API Level Security for Connected Car Platforms
- Securing API Keys for Robust Mobile API Security
- Approov Integration for Elixir Phoenix Guardian Backends
- Approov Integration for Python Django Backends
- Approov Integration for Python Backends
- Exposing Vulnerabilities in mHealth Apps and APIs
- Approov Integration for NodeJS KOA Backends
- Approov Partnership with BMW on Secure & Seamless Car Share Experience
- Root and Jailbreak - To Ban or Not to Ban?
- Approov Integration for Node.js Backends
- Approov Integration for PHP Laravel Backends
- Approov Integration for Ruby on Rails Backends
- Approov Integration for PHP Backends
- Approov Integration for Ruby Backends
- EETimes Talks Approov and Automotive
- Securing Multiplayer Mobile Gaming Against Manipulation & Cyberthreats
- Approov Cloudflare Worker Quickstart
- Securing m-Commerce Apps
- What Can You Achieve In Your 30 Day Free Approov Trial?
- Approov Xamarin QuickStart
- Security Key to mHealth Success
- A Short Tour of the Approov Metrics
- Approov Dynamic Pinning - An Independent View
- Scanshake: Meeting the Need for Decentralised Contact Tracing
- Is Bluetooth Contact Tracing Too Blue-Sky?
- Six Reasons to Choose SaaS Security Over In-house
- Protecting Your SDK With Approov
- Vulnerabilities In Fintech Mobile Apps
- Approov Integration with Kong API Gateway
- Approov iOS Native QuickStarts
- Preventing Faked Proximity
- Approov Integration With NGINX Plus
- Securing APIs in React Native
- Quick Analysis: NHSX Contact Tracing App
- Mobile Auction Apps: Scalping And Sniping
- UK Contact Tracing App Privacy Risks
- Approov Enhanced App Bundle Support
- Approov React Native Quickstart
- Approov Backend Quickstarts
- Approov Android Native Integration QuickStarts
- Cloner Apps: Playing in a Shared Sandbox
- Protecting Personal Information & Sensitive Data In Mobile Health Apps
- Contact Tracing Apps: Privacy vs. Security?
- COVID-19 App User Anonymity Mandates App Authentication
- Let's Fight COVID-19 With Apps - Privately
- Securing the Enterprise for Remote Work
- Top 5 Threats to APIs Servicing Mobile Apps
- Blockchain renders online votes immutable, including fake votes!
- Approov Serverless Reverse Proxy in the AWS API Gateway
- The Race to Secure Connected Cars
- Traditional OEMs in a Mobility-as-a-Service World
- The Rise of On-Demand Mobility
- Using a Reverse Proxy to Protect Third Party APIs
- Getting Authentication Correct
- Addressing Vulnerabilities and Abuse for Comprehensive API Security
- Securing Your API server with Approov and Cloudflare
- How to Protect Against Certificate Pinning Bypassing
- Bypassing Certificate Pinning
- Improve the Security of API Keys
- Securing HTTPS with Certificate Pinning on Android
- Approov Integration in a Java Spring Stateless API
- Apple DeviceCheck and CriticalBlue Approov
- Google SafetyNet and CriticalBlue Approov
- Steal That API Key with a Man in the Middle Attack
- Preventing Mobile App and API Abuse
- How to Extract an API Key from a Mobile App by Static Binary Analysis
- How to Pin Mobile gRPC Channels
- Why Does Your Mobile App Need an API Key?
- Approov Integration in a NodeJS Express API
- Consider gRPC for Mobile APIs
- Approov Integration in a Python Flask API
- The Top 6 Mobile API Protection Techniques - Are They Enough?
- Strengthen TLS in React Native Through Certificate Pinning- iOS
- 42Crunch and CriticalBlue Announce Partnership
- Is Your Mobile App Leaking Secrets?
- Strengthen TLS in React Native Through Certificate Pinning
- Approov Cordova QuickStart
- How We Integrated Approov With Cordova
- React Native iOS: Bridging an iOS Native Module For App Authentication
- React Native: Bridging an Android Native Module For App Authentication
- A Tour of API Underprotection
- API Abuse in 2017 (Part 3)
- API Abuse in 2017 (Part 2)
- API Abuse in 2017 (Part 1)
- What if I Want to Cancel?
- Positive Technologies Partners with CriticalBlue
- Approov Cloud Service Architecture
- Approov in Parallel With User Authentication
- A Brief Introduction to Approov
- Practical API Security Walkthrough — Part 4
- Practical API Security Walkthrough — Part 3
- Practical API Security Walkthrough — Part 2
- Practical API Security Walkthrough — Part 1
- The Spectre of the Zygote
- Checking Approov Tokens in ASP.Net Core 2.0
- You Just Need to Speculate to Exfiltrate
- Strengthening OAuth2 for Mobile
- Toughen Up Soft Certificate Pinning With Approov
- Are You Human, Robot or Just Impatient?
- If You Can't Make It, Fake It
- Approov Chosen by Nimses to Protect Their Social Media Platform
- Adding OAuth2 to Mobile Android and iOS Clients Using the AppAuth SDK
- Capitalising on Uber's London Misadventure
- Unintentional Unpinning with Firebase
- API Protection Requires Both User and App Authentication
- Whitelists & Indirection Go Together Like Chocolate and Peanut Butter
- CriticalBlue Wins a 2017 API Award
- The Problem with Pinning
- Help Your Mobile API Ecosystem to Flourish
- CriticalBlue Selected as a 2017 Gartner Cool Vendor
- How Python Coders Killed my Supposedly Secure JavaScript API Service
- Hands on Mobile API Security: Pinning Client Connections
- Hands on Mobile API Security - Using a Proxy to Protect API Keys
- Swipe Left to Scrape
- How to Ride the Bus for Free (Hackers Need Not Apply)
- Richer Client, Poorer Security?
- Grand Theft Auto IRL: Tesla and Nissan Insecure Automotive Apps
- Adapting OAuth2 for Internet of Things (IoT) API Security
- Digital Healthcare: MU3 and API Security
- Mobile API Security Techniques Part 3
- Prepare to Fail
- Mobile API Security Techniques Part 2
- Mobile API Security Techniques Part 1
- There's a Fake App for That
- Mobile Banking - The Importance of What, Not Just Who
- API Key Security with Approov
- API Lockdown Without the Lockout
- Bank Account Aggregation Apps - Setting Boundaries
- The Problem of API Abuse
- The Rise of DDoS
- Simple App Authentication
- Bot Mitigation Challenges in the Mobile World
- Securing Pokémon
Knowledge Base
- Mobile App Security
- Runtime Secrets vs Code Obfuscation?
- What is RASP and can it protect my APIs?
- What is Certificate Pinning?
- Is it possible to bypass Certificate Pinning?
- Why do we need Certificate Pinning?
- What impact will Fiscalization Laws have on Mobile App Cybersecurity
- Approov Mobile Security
- What are the benefits of Approov?
- Can Approov also Secure APIs on my Web Channel?
- Can Approov help differentiate API calls made from my genuine app from an app that's impersonating mine by providing all the necessary headers and credentials?
- What development platforms does Approov support?
- What is Approov?
- How does Approov Compare with Mobile App Hardening Solutions?
- From a liability perspective, when considering the security of our mobile solution, there is a lot of trust that we are placing on Approov’s solution to defend against attacks.
- How do I get up and running with Approov?
- How is the Approov SDK protected from attacks?
- Does Appoov meet the Certification process for CPoC Devices?
- Is Approov compliant with China's PIPL Law?
- Is Approov in compliance with GDPR and the CCPA?
- How does Approov define a MAU (Monthly Active User)?
- How does Approov work?
- Why choose Approov for Mobile Security?
- What threats does Approov protect against?
- Web Security
- Doesn’t my WAF or API Gateway block automated traffic?