Secure React Native Apps Against API Abuse

Secure React Native Apps Against API Abuse

OWASP Foundation via YouTube Direct link

a: Use App-Level Message Protection

21 of 29

21 of 29

a: Use App-Level Message Protection

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Secure React Native Apps Against API Abuse

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 The Dark API Economy
  3. 3 Mobile Apps Rely on APIs
  4. 4 Abusing APIs in the Mobile Market
  5. 5 Mobile Attack Surfaces
  6. 6 The ShipFast Driver App
  7. 7 API Sequence for Pick Up and Delivery
  8. 8 The Ship Raider Bench and Driver App
  9. 9 ShipRaider's API Exploit
  10. 10 Initial Security Posture
  11. 11 User Authorization is not Service Authorization
  12. 12 Common API Gateway Defenses
  13. 13 API Proxy Pattern
  14. 14 Inspect the App Package
  15. 15 Obfuscate Code and Secrets in Code . Obfuscate calling logic and API & kay strings
  16. 16 Observe/Manipulate Communication Channel
  17. 17 Certificate Pinning
  18. 18 Unpin the Channel
  19. 19 Block Rooting and Instrumentation
  20. 20 Nervous Product Manager
  21. 21 a: Use App-Level Message Protection
  22. 22 Defense 4: Removing Secrets from App Package
  23. 23 Find Message Signing Secret
  24. 24 a: Improve Run-Time Defenses
  25. 25 Moving secrets and security decisions off device
  26. 26 Defense 5b: Authenticate the App Off Device
  27. 27 Defense 5c: Reintroduce the Pinning Service
  28. 28 API Defense Objectives
  29. 29 Attacker Pivots to a Less Secure App

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.