Our DevSec blog is dedicated to the topics, best practices and cybersecurity research needed by mobile developers (DEV) and cybersecurity (SEC) teams in the modern mobile DevOps pipeline.
In this DevSec blog we’ll share our research and best practices in securing Android & iOS apps. Our goal is to help mobile developers and cyber security teams stay ahead of mobile app hackers, attackers, pass mobile application penetration tests, and make mobile DevSecOps compliance easy.
Subscribe today. We’d love to have you join our community!
When we think of digital pipelines, we often think of developers, not defenders. However, in the age of AI, threats are evolving much faster than ever. Now more than…
Summary:
Apple’s AirPlay protocol, recently found to have 23 critical vulnerabilities, is putting enterprise environments at risk in ways few companies are prepared to handle. While Apple’s patching efforts are…
A recent Cybernews investigation revealed that over 71% of iOS apps leak hardcoded secrets, exposing mobile users and businesses to significant security risks. These embedded credentials – API keys,…
Every mobile business faces five universal threats that can disrupt operations, erode revenue, and damage user trust: fraud, scams, bots, account takeovers (ATOs), and security/compliance failures. These threats…
This week at RSA, Appdome won several awards, including Best AI Platform for Cyber Resilience. I want to take this opportunity to explain why this one award is a significant…
In this blog, we’ll explore why turning the WAF into a fraud-fighting powerhouse by analyzing deep session risk on every API connection request can revolutionize your ATO defense strategy.
Web Application Firewalls…
AI Has Changed the Attack Landscape Forever
Mobile apps today are under siege from a new wave of highly sophisticated attacks. Deepfakes, automated account takeovers (ATOs), AI-generated synthetic users,…
We just released our new MobileBOT™ Defense offering. I wanted to take a moment to tell you why.
For years, bot defense has focused on blocking brute-force bot attacks and…
With the recent attention on Signal Gate, we get asked: “How secure are messaging apps?”
As a backdrop, let me say that many messaging apps use “end-to-end” encryption to protect…
Cybersecurity has undergone a profound transformation over the past two decades. Once a narrowly scoped discipline focused on control and compliance, the Chief Information Security Officer (CISO) role has…
Palo Alto Networks and Crowdstrike have made it clear that platforms are the right strategy for cyber defense initiatives. And platforms do offer a lot of advantages over manual defense options – faster time to market, just-in-time defense, better compliance …
I’ve worked with our cyber research team, providing assessments of mobile apps for mobile banks and brands, and it always surprised me to see that API endpoints and API…
Have a Security Project?
We Can Help!
Notifications
