Blog

Despite being a potential approach for enhancing software supply chain security, SBOM’s own flaws and complexities in implementation may be holding back its goal to improve software transparency and security.

Machine Learning models are a significant investment in competitive advantage; thus, companies are willing to walk the extra mile to protect them. ML model security is even more critical when models are run on mobile applications or edge devices. Our guide goes deep into the practical security solutions for protecting your ML models and innovations.

Cossack Labs Mobile Security Score (CL MSS) is security framework for mobile applications. It focuses on risk-based requirements, continuous risk management, and measurable progress for enhancing mobile app security and sensitive data protection.

Security automation contributes to measurable improvements: stable security processes and efficient assessments that save time and effort. Security-focused pre-built templates covering prevalent security testing scenarios that can be customised and tailored to your specific needs.

How to implement OAuth in the context of mobile applications while avoiding security pitfalls? Practical steps on fortifying OAuth flow with PKCE, state parameter, managing secure redirections, and focusing on critical aspects during OAuth assessment in mobile environments.

Designed for securing online accounts, FIDO U2F as a protocol and YubiKey as a hardware tool are not silver bullets. If not used wisely, this powerful combo becomes an attractive target in the hands of skilful attackers.

Ensuring security in cross-platform development with Flutter: Pros and cons, platform-specific security risks, fundamental security recommendations for using Flutter effectively and avoiding pitfalls.

Building secure digital wallets is a challenge when it comes to balancing between convenience and security. How can we build secure payment solutions that meet the needs of fintech users and effectively protect their assets?

Understanding digital wallet fraud is critical for designing and integrating an effective anti-fraud solution. Read about security events, risk models, remote device attestation, user authentication, KYC, trade-offs, and many more.

NFC-based devices, such as mobile digital wallets, contactless smart cards, and security keys (hardware authentication devices), are exposing users to NFC vulnerabilities in encryption, replay and side-channel attacks.