
Strategies to Stop Credential Stuffing Attacks on Mobile Apps
Identity-based and social engineering attacks are surging in 2024. Stolen credentials give hackers immediate access and control… and an instant path to stealing data and orchestrating ransomware attacks. Credential stuffing attacks are the method of choice for hackers, so what are the steps you need to take to prevent ...

Enhance Cross-Platform Development with Robust Security Solutions
Cross-platform development tools such as Flutter and React Native are increasingly being used to develop mobile apps. The financial and organizational advantages of using such frameworks are becoming clearer and any perceived shortcomings are being addressed. But what about security? This blog dives into cross-platform tools and argues that security ...

Responding to and Recovering from Mobile App Security Breaches
Zero Trust says “assume breach” and your response plan must cover handling third-party security incidents too. Mobile apps depend on third-party APIs, and you need to be prepared to act quickly if a service you depend on has a security incident. This blog discusses what you can do to ...

Why Isn’t Zero Trust Systematically Applied in Mobile App Security?
Here at Approov, we were wondering why there has been so little discussion about applying the principles of Zero Trust specifically to mobile apps when this is a concept which has become quite mainstream in enterprise security ...

The Rise of Unofficial Apps in Delivery, Automotive, and E-Commerce
Understanding the Security Risks and Solutions for Protecting Sensitive Data. There is a trend emerging for anyone launching a consumer business. Almost every business these days does two things: the first is to create an app and the second is to publish an API ...

Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
This overview outlines the development and adoption of Huawei HarmonyOS and the associated security solution Safety Detect, highlighting some limitations with the approach. As regulations such as the EU DMA force the use of alternative app stores, the dependence of Huawei security features on the use of the Huawei AppGallery ...

Streamlining the Defense Against Mobile App Bots
Let’s talk about bots. And be a little provocative. A review of bot solutions (see previous blog) reveals a common assumption that I think is misleading: namely, that separating good from bad bots and blocking the bad ones is complicated and requires elaborate solutions using machine learning, AI and whatnot ...

2024 OWASP Mobile Top Ten Risks
In case you didn't notice, the OWASP Mobile Top 10 List was just updated, for the first time since 2016! This is important for developers since this list represents the list of the most crucial mobile application security risks in 2024. This blog explains how this fits in with other ...

2024 OWASP Mobile Top Ten Risks
What is OWASP MASVS? In case you didn't notice, the OWASP Mobile Top 10 List was just updated, for the first time since 2016! This is important for developers since this list represents the list of the most crucial mobile application security risks in 2024. This blog explains how this ...

Revealing the Limitations of Apple DeviceCheck and Apple App Attest
This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare and contrast Apple DeviceCheck and App Attest with the comprehensive mobile security offered by Approov. ...