The Rise of Super Apps: Challenges & Opportunities in Mobile Security

The Rise of Super Apps: Challenges & Opportunities in Mobile Security

In recent years, the tech world has witnessed a significant shift towards what are known as "super apps." These mobile applications have become increasingly popular, offering a plethora of services within a ...
Do You Want to Know a Secret? Just Take a Look Inside Top Finance Apps

Do You Want to Know a Secret? Just Take a Look Inside Top Finance Apps

Financial apps have access to valuable and sensitive personal data, so you would think mobile app security would be top-of-mind for financial institutions. But is it?  ...
AI code fixing

Supply Chain Dependency: What Your GitHub Connections May Trigger

The writing is on the walls, and it’s hard to avoid after the significant spike in attacks against GitHub repositories. The recent CircleCI breach, in which customers’ secrets and encryption keys were ...
Security Boulevard
ChatGPT and API Security

ChatGPT and API Security

First of all, this blog was written by a human being! Now that that's out of the way,  let's get onto our main topic for today which is to take a look ...
Can I Share My API Key?

Can I Share My API Key?

An API key is a token provided by a client when making API calls. It is used to authenticate and authorize access to specific resources. In this article, we answer the question, ...
Hardcoded cloud creds prove it’s easy for API hackers to win

Hardcoded cloud creds prove it’s easy for API hackers to win

Learn how API keys and tokens are being baked into mobile apps, and how you can win on #redteam because of this oversight. The post Hardcoded cloud creds prove it’s easy for ...
Why Should You Keep Your API Key Secure?

Why Should You Keep Your API Key Secure?

Attacks against APIs are increasing and API key protection is central to miminizing your business risks. In this article we’ll look at what your exposures are and what you should do about ...
Hands-on Mobile App and API Security - Runtime Secrets Protection

Hands-on Mobile App and API Security – Runtime Secrets Protection

In a previous article we saw how to protect API keys by using Mobile App Attestation and delegating the API requests to a Proxy. This blog post will cover the situation where ...
How Should API Keys be Stored?

How Should API Keys be Stored?

Mobile app developers keep hearing that they shouldn’t store API keys in their app code but they don’t hear where they should store them. In this article we discuss the topic and ...
How to Prevent API Abuse

How to Prevent API Abuse

API abuse, when the API is used in an unexpected way, is a growing problem in software development and one of the leading attack vectors cybercriminals exploit. According to a recent security ...