all InfoSec news
Hands-on Mobile App and API Security – Runtime Secrets Protection
Security Boulevard securityboulevard.com
In a previous article we saw how to protect API keys by using Mobile App Attestation and delegating the API requests to a Proxy. This blog post will cover the situation where you can’t delegate the API requests to the Proxy, but where you want to remove the API keys (secrets) from being hard-coded in your mobile app to mitigate against the use of static binary analysis and/or runtime instrumentation techniques to extract those secrets.
The post Hands-on Mobile App …
api api keys api security api security - analysis app mobile mobile app mobile app authentication mobile security news and insights protection runtime secrets security