API Abuse
Introducing Integrated API Abuse Prevention to Combat Bad Bots
In recent years there’s been a rise in “API Abuse” attacks, which includes detrimental automated behaviors such as malicious bots, account takeover (ATO), credential stuffing, application layer (L7) DDoS, data scraping, and ...
ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits
ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It’s so popular, I wouldn’t be shocked if it starts ...
What You Need to Know About Broken Object Level Authorization (BOLA)
Photo by Claudel Rheault on Unsplash Broken Object Level Authorization (BOLA) is the #1 vulnerability in the OWASP API Security Project’s API Security Top Ten in 2019. Using BOLA, an attacker exploits ...
Mobile App Security: Uncovering the Risks of Secret Theft at Runtime
This is our second blog highlighting the results of the Approov Threat Lab Report ...
T-Mobile’s SIXTH Breach in 5 years: 37M Users’ PII Leaks
The Un-carrier is In-secure, it seems. Un-believable. In-credibly in-competent. CEO Mike Sievert (pictured) might become un-CEO ...
How to Prevent API Abuse on Mobile Apps
API abuse is a growing concern in today's digital landscape, with criminals finding new and innovative ways to exploit APIs for their own gain. According to a recent study by Salt Security, ...
Is Certificate Pinning Worth it?
In a word - yes; when implemented correctly, certificate pinning is an effective method for securing mobile application traffic by restricting the accepted certificates to just those you are willing to trust ...
Securing Electric Vehicle Charging Platforms
Spikes in the prices of fossil fuels have provided yet another incentive for consumers to move towards electric vehicles (EVs). Alongside that trend is the pressing requirement to have a charging infrastructure ...
How Can Bots Be Prevented?
This blog explains bot attacks in detail, how to distinguish good from bad bots, and explains how to let good bots do their useful work while preventing bad bots from doing any ...
What is Bot Protection?
If you're a mobile app developer, chances are you've heard of bot protection. Bots are programs that run automated tasks over the internet. Although criminals can use them for malicious purposes, such ...