Our DevSec blog is dedicated to the topics, best practices and cybersecurity research needed by mobile developers (DEV) and cybersecurity (SEC) teams in the modern mobile DevOps pipeline.
In this DevSec blog we’ll share our research and best practices in securing Android & iOS apps. Our goal is to help mobile developers and cyber security teams stay ahead of mobile app hackers, attackers, pass mobile application penetration tests, and make mobile DevSecOps compliance easy.
Subscribe today. We’d love to have you join our community!
Every mobile business faces five universal threats that can disrupt operations, erode revenue, and damage user trust: fraud, scams, bots, account takeovers (ATOs), and security/compliance failures. These threats…
This week at RSA, Appdome won several awards, including Best AI Platform for Cyber Resilience. I want to take this opportunity to explain why this one award is a significant…
In this blog, we’ll explore why turning the WAF into a fraud-fighting powerhouse by analyzing deep session risk on every API connection request can revolutionize your ATO defense strategy.
Web Application Firewalls…
AI Has Changed the Attack Landscape Forever
Mobile apps today are under siege from a new wave of highly sophisticated attacks. Deepfakes, automated account takeovers (ATOs), AI-generated synthetic users,…
We just released our new MobileBOT™ Defense offering. I wanted to take a moment to tell you why.
For years, bot defense has focused on blocking brute-force bot attacks and…
With the recent attention on Signal Gate, we get asked: “How secure are messaging apps?”
As a backdrop, let me say that many messaging apps use “end-to-end” encryption to protect…
Cybersecurity has undergone a profound transformation over the past two decades. Once a narrowly scoped discipline focused on control and compliance, the Chief Information Security Officer (CISO) role has…
Palo Alto Networks and Crowdstrike have made it clear that platforms are the right strategy for cyber defense initiatives. And platforms do offer a lot of advantages over manual defense options – faster time to market, just-in-time defense, better compliance …
I’ve worked with our cyber research team, providing assessments of mobile apps for mobile banks and brands, and it always surprised me to see that API endpoints and API…
Securing the mobile business is at a breaking point. Cyber teams need to release more defenses than ever into the mobile channel. At the same time, Engineering teams, with…
What Are LOTL Attacks on Mobile Apps?
Living Off the Land (LOTL) attacks on mobile apps exploit legitimate tools, APIs, and system functionalities to carry out malicious activities. Unlike…
Biometric authentication methods like Apple Face ID, Google Face Unlock, Android Biometric APIs, third-party voice authentication, and third-party facial verification systems, have become the foundation of secure mobile experiences….
Have a Security Project?
We Can Help!
Notifications
