• Upwardly Mobile - API & App Security News

  • Author: Approov Limited
  • Podcast

  • Summary

  • Dive into the high-stakes world of mobile app development and API security with Upwardly Mobile, your ultimate guide to defending apps in today’s volatile digital landscape. Hosted by Skye Macintyre and George McGregor, and proudly sponsored by Approov, the leaders in mobile app attestation and API security, this podcast unpacks the evolving threats and innovative solutions shaping mobile security. Explore why the built-in protections from tech giants like Apple, Google, and Huawei often fall short, leaving sensitive data vulnerable. Learn how advanced techniques—like runtime attestation and dynamic API security—thwart attackers and secure your app ecosystem. Each episode delivers insights into major data breaches, emerging trends, and actionable strategies to fortify your apps and APIs against ever-advancing cyber threats. From development best practices to navigating compliance and regulation, Upwardly Mobile equips mobile developers, security professionals, and tech enthusiasts with the knowledge to safeguard their creations. Stay informed, stay secure, and stay ahead with expert guidance on the future of mobile cybersecurity. Subscribe now on Spotify and Apple Podcasts, and elevate your security game!
    2024 Approov Limited

Episodes
  • Mobile API Security | Closing the Protection Gap with a Mobile SDK
    2024/12/23
    Episode Notes: Closing the API Security Gap with a Mobile SDK
    In this episode, we delve into the critical topic of mobile app API security and explore how a robust SDK solution like Approov can bridge the gap left by traditional security measures.
    Key Discussion Points:

    The mobile security gap: Traditional application security vendors, while focusing on web application and API protection (WAAP), often neglect the specific vulnerabilities of mobile apps.

    Limitations of backend security: Solutions like WAFs and API gateways rely on observing traffic patterns at the backend. This approach can be ineffective against sophisticated bots mimicking legitimate mobile app behaviour and may lead to false positives, disrupting genuine users.

    The rise of mobile SDKs for enhanced protection: Embedding an SDK within a mobile app enables continuous verification of contextual information from the app and the device environment, providing more effective protection against mobile-originated threats.

    Two types of SDK approaches:

    User-behaviour signals: This approach analyses user interactions within the app to identify bot activity, but it can be computationally intensive and prone to false positives and negatives.

    Software-identity signals: This approach focuses on detecting problematic software or configurations on the device, offering a more deterministic and accurate method of bot detection.

    Approov's unique approach to mobile app security: Approov uses a software-identity signal approach to validate the authenticity of both the app and the device at runtime, ensuring that only legitimate requests reach backend servers.

    Benefits of Approov:

    Accurate and deterministic bot detection

    Enhanced API key security through just-in-time delivery

    Seamless integration with existing backend security solutions

    How Approov enhances existing backend security: Approov complements traditional security measures by providing an additional layer of mobile-specific protection, closing the security gap and offering a comprehensive approach to safeguarding APIs.
    Call to Action:

    Visit the Approov website to learn more about their mobile app security solutions: https://approov.io/

    Contact Approov to discuss your specific mobile app security needs: Use the "Talk to Approov Expert" button on their website.
    Keywords for SEO:
    Mobile app security, API security, SDK, Approov, bot detection, WAAP, WAF, software-identity signals, user-behaviour signals, mobile threats, runtime protection, API key security.
    15 min
  • Zero Trust Mobile Security with Approov
    2024/12/20
    Synopsis: In this episode, we explore the critical world of mobile app security and how the concept of zero trust is reshaping the way we protect sensitive data. We delve into the vulnerabilities inherent in traditional security models and discuss why a zero trust approach is essential for safeguarding your apps and your users.
    Guest: Dr. Edward Amoroso, Chief Executive Officer, TAG Infosphere
    Key Discussion Points:
    • The Mobile Threat Landscape: Discuss the evolving threats facing mobile apps, including API abuse, infrastructure-in-the-middle attacks, unauthorized usage, fake apps, bots, and data breaches. [1-5]
    • Zero Trust Principles: Explain the core principles of zero trust and why it's particularly crucial for mobile environments where devices are often outside the traditional security perimeter.
    • Approov's Role in Zero Trust Mobile Security: Demonstrate how Approov leverages runtime secrets protection, app attestation, and dynamic certificate pinning to establish a robust zero trust framework for mobile apps.
    • Dynamic API Protection: Highlight the importance of dynamic API protection as a key component of a zero trust strategy and explore how Approov achieves this through real-time threat detection, over-the-air updates, and dynamic defenses. [5, 23, 25, 33, 36, 38, 41]
    • The Future of Mobile App Security: Speculate on emerging trends and technologies that will shape the future of mobile app security in the context of zero trust and a rapidly evolving threat landscape.
    Links:
    • Approov Website: www.approov.io
    • Upwardly Mobile Podcast: https://open.spotify.com/show/3iYLhvcx8q1QwH0jc1QSld
    • Approov Runtime Secrets Protection: https://approov.io/mobile-app-security/rasp/runtime-secrets/
    • TAG Infosphere Website: https://tag-infosphere.com/
    19 min
  • TikTok Ban Upheld | A Legal Showdown
    2024/12/16
    Podcast Notes: TikTok Ban, Data Privacy and the Future of Social Media
    Keywords: TikTok, ban, data privacy, cybersecurity, free speech, social media, USA, China, Apple, Google, Meta, Amazon, algorithms, surveillance.
    Links:

    https://www.forbes.com/sites/petersuciu/2024/12/06/tiktok-ban-upheld-by-appeals-court-clock-running-out-for-bytedance/

    https://www.forbes.com/sites/zakdoffman/2024/10/04/warningtiktok-posts-caught-stealing-iphone-android-user-passwords/
    Introduction

    The US Court of Appeals has upheld the ban on TikTok, citing national security concerns over data sharing with China.

    This decision has ignited debates about free speech, data privacy, and the power of Big Tech.
    The TikTok Ban: A Timeline

    President Trump initially attempted to ban TikTok, but the Biden administration overturned it.

    President Biden signed a new "sell-or-ban" law in April 2024, with bipartisan support.

    The law requires TikTok to be sold to a US company or face a complete ban by January 19, 2025.
    The Security Debate

    US lawmakers argue that TikTok could share user data with the Chinese government, posing a national security risk.

    Critics point out that US companies like Meta and Amazon also collect vast amounts of user data and have faced privacy abuse allegations.

    They argue that the focus on TikTok is hypocritical and that a broader discussion about data privacy in the US is needed.
    Data Privacy in the USA

    The USA lacks a federal data privacy framework, allowing companies like Apple and Google to set their own policies, which often lack transparency.

    This lack of regulation makes it difficult for users to understand how their data is collected and used.
    The Impact on Users

    The ban could disrupt millions of TikTok users and creators who rely on the platform.

    Users may migrate to platforms like Instagram Reels or Bluesky.

    The ruling highlights the importance of data privacy and the need for greater transparency from social media companies.
    Key Talking Points:

    Is the TikTok ban justified based on national security concerns, or is it a form of censorship?

    Does the ban adequately address the broader issue of data privacy in the US?

    What are the implications of the ban for users and the future of social media?

    How can governments balance national security with individual rights in the digital age?
    This case is a microcosm of larger issues surrounding cybersecurity, data privacy, and the power of technology companies. It's crucial to have open discussions about these issues to protect user rights and ensure a safer online environment.
    9 min
