# articles - [Panel: Engineers vs. Reverse Engineers](/appsec-articles/articles/panel-engineers-vs.-reverse-engineers.md) - [TT: The AI Impersonator: Runtime Defense Against Machine-Generated Deception with Dmitri Bogatenkov](/appsec-articles/articles/tt-the-ai-impersonator-runtime-defense-against-machine-generated-deception-with-dmitri-bogatenkov.md) - [How to Stop Bots Without CAPTCHA](/appsec-articles/articles/how-to-stop-bots-without-captcha.md) - [Opening Keynote: Safety/Security Equilibrium with Sergiy Yakymchuk (Talsec)](/appsec-articles/articles/opening-keynote-safety-security-equilibrium-with-sergiy-yakymchuk-talsec.md) - [TechTalk: Predictive Apps Protection with Sergiy Yakymchuk (Talsec)](/appsec-articles/articles/techtalk-predictive-apps-protection-with-sergiy-yakymchuk-talsec.md) - [TechTalk: Best Practices for Keeping Your App Safe with Majid Hajian (Microsoft)](/appsec-articles/articles/techtalk-best-practices-for-keeping-your-app-safe-with-majid-hajian-microsoft.md) - [OWASP Top 10 For Flutter – M10: Insufficient Cryptography in Flutter & Dart](/appsec-articles/articles/owasp-top-10-for-flutter-m10-insufficient-cryptography-in-flutter-and-dart.md) - [Android Malware Detection SDK for Your App: Detect Risky & Suspicious Apps and Known Malware](/appsec-articles/articles/android-malware-detection-sdk-for-your-app-detect-risky-and-suspicious-apps-and-known-malware.md): Talsec Malware Detection SDK scans Android devices for RATs, keyloggers & SMS forwarders without QUERY\_ALL\_PACKAGES. Play Store compliant, offline-capable. - [OWASP Top 10 For Flutter – M9: Insecure Data Storage in Flutter & Dart](/appsec-articles/articles/owasp-top-10-for-flutter-m9-insecure-data-storage-in-flutter-and-dart.md) - [OWASP Top 10 For Flutter – M8: Security Misconfiguration in Flutter & Dart](/appsec-articles/articles/owasp-top-10-for-flutter-m8-security-misconfiguration-in-flutter-and-dart.md) - [OWASP Top 10 For Flutter – M7: Insufficient Binary Protection in Flutter & Dart](/appsec-articles/articles/owasp-top-10-for-flutter-m7-insufficient-binary-protection-in-flutter-and-dart.md) - [Talsec RASP+ and AppiCrypt for Apple TV Apps](/appsec-articles/articles/talsec-rasp+-and-appicrypt-for-apple-tv-apps.md) - [TechTalk: Threshold Cryptography with Jan Kvapil (MUNI)](/appsec-articles/articles/techtalk-threshold-cryptography-with-jan-kvapil-muni.md) - [Keynote: Fingerprinting, Device Intel & Context with Martin Makarský (Fingerprint)](/appsec-articles/articles/keynote-fingerprinting-device-intel-and-context-with-martin-makarsky-fingerprint.md) - [How To Detect Video Injection for KYC](/appsec-articles/articles/how-to-detect-video-injection-for-kyc.md) - [Keynote: Cloudflare for AppSec with Anatol Nikiforov (Cloudflare)](/appsec-articles/articles/keynote-cloudflare-for-appsec-with-anatol-nikiforov-cloudflare.md) - [Keynote: Communty-Driven Security as Collective Defense with Tomáš Soukal (Talsec)](/appsec-articles/articles/keynote-communty-driven-security-as-collective-defense-with-tomas-soukal-talsec.md) - [Keynote: 20 Minutes to Banking-Grade Security with Mateusz Wojtczak (LeanCode)](/appsec-articles/articles/keynote-20-minutes-to-banking-grade-security-with-mateusz-wojtczak-leancode.md) - [Keynote: Raising the Bar with Software Protection with Béatrice Creusillet (Quarkslab)](/appsec-articles/articles/keynote-raising-the-bar-with-software-protection-with-beatrice-creusillet-quarkslab.md) - [Year in Talsec RASP SDK: Highlights from 2025](/appsec-articles/articles/year-in-talsec-rasp-sdk-highlights-from-2025.md) - [Keynote: Red Teaming in Practice with Adam Žilla (Haxoris)](/appsec-articles/articles/keynote-red-teaming-in-practice-with-adam-zilla-haxoris.md) - [Keynote: Discovering the Power of AI Pentesting with Pedro Conde (Ethiack)](/appsec-articles/articles/keynote-discovering-the-power-of-ai-pentesting-with-pedro-conde-ethiack.md) - [How to Detect Jailbreak on Capacitor](/appsec-articles/articles/how-to-detect-jailbreak-on-capacitor.md): Protect your Capacitor app from compromised iOS environments with smart detection. - [How to Detect Hooking (Frida) on Capacitor](/appsec-articles/articles/how-to-detect-hooking-frida-on-capacitor.md): Protect your Capacitor app from runtime attacks like Frida and Xposed with smart detection. - [freeRASP for Kotlin Multiplaform Guide](/appsec-articles/articles/freerasp-for-kotlin-multiplaform-guide.md): A Kotlin Multiplatform (KMP) variant that lets you add runtime app protection to your shared Kotlin code. - [Achieving Cloudflare Outage Resilience using AppiCryptWeb](/appsec-articles/articles/achieving-cloudflare-outage-resilience-using-appicryptweb.md): Cryptographic Runtime Attestation for Web Applications. - [How to Detect Root on React Native](/appsec-articles/articles/how-to-detect-root-on-react-native.md): Need to secure your React Native app against rooted devices? Start here. - [How to Detect Jailbreak on React Native](/appsec-articles/articles/how-to-detect-jailbreak-on-react-native.md): Protect your React Native app from compromised iOS environments with smart detection. - [How to Prevent Magisk Root Hiding and Security Bypass](/appsec-articles/articles/how-to-prevent-magisk-root-hiding-and-security-bypass.md) - [How to Detect Hooking (Frida) on React Native](/appsec-articles/articles/how-to-detect-hooking-frida-on-react-native.md): Protect your React Native app from runtime attacks like Frida and Xposed with smart detection. - [How to Detect a Weak Wi-Fi: Guide to In-App Network Security Checks](/appsec-articles/articles/how-to-detect-a-weak-wi-fi-guide-to-in-app-network-security-checks.md) - [Future-Proofing for the Data-Driven Ecosystem: Securing Your Application and Data APIs](/appsec-articles/articles/future-proofing-for-the-data-driven-ecosystem-securing-your-application-and-data-apis.md): Focus on businesses leveraging ad-supported and affiliate business models. - [freeRASP for Unreal Engine: Secure Your Revenue](/appsec-articles/articles/freerasp-for-unreal-engine-secure-your-revenue.md): Shield your Unreal Engine mobile game with freeRASP, a free and developer-friendly runtime application self-protection solution for Android and iOS. - [How to Detect Hooking (Frida) on Flutter](/appsec-articles/articles/how-to-detect-hooking-frida-on-flutter.md): Protect your Flutter app from runtime attacks like Frida and Xposed with smart detection. - [How to Detect Root on Flutter](/appsec-articles/articles/how-to-detect-root-on-flutter.md): Need to secure your Flutter app against rooted devices? Start here. - [How to Detect Jailbreak on Flutter](/appsec-articles/articles/how-to-detect-jailbreak-on-flutter.md): Jailbroken devices open doors for attackers. Here’s how you can secure your Flutter app. - [How to Detect App Tampering & Repackaging using Kotlin](/appsec-articles/articles/how-to-detect-app-tampering-and-repackaging-using-kotlin.md): Don’t let attackers clone and modify your Android app and fight back with runtime protection. - [How to Detect Developer Mode on Android using Kotlin](/appsec-articles/articles/how-to-detect-developer-mode-on-android-using-kotlin.md): Struggling to protect your app from Developer Mode risks? Here’s how to fight back. - [How to Detect Screen Capture & Recording using Kotlin](/appsec-articles/articles/how-to-detect-screen-capture-and-recording-using-kotlin.md): Stop data leaks before they happen. Protect your Android app from unwanted screenshots and recordings. - [How to Detect Emulator in Kotlin](/appsec-articles/articles/how-to-detect-emulator-in-kotlin.md): Fake users, fraudsters, and reverse engineers love emulators. Here’s how to stop them. - [How Secure Are Flutter Apps?](/appsec-articles/articles/how-secure-are-flutter-apps.md) - [How to Detect Jailbreak using Swift](/appsec-articles/articles/how-to-detect-jailbreak-using-swift.md): Need to secure your app against jailbreaked devices? Start here. - [How to Detect Hooking (Frida) using Kotlin](/appsec-articles/articles/how-to-detect-hooking-frida-using-kotlin.md): Stop runtime attacks before they hijack your Android app. - [How to Detect Hooking (Frida) using Swift](/appsec-articles/articles/how-to-detect-hooking-frida-using-swift.md): Protect your iOS app from runtime manipulation with Frida detection. - [How to Detect VPN using Swift](/appsec-articles/articles/how-to-detect-vpn-using-swift.md): Struggling to protect your app from hidden network traffic? Here’s how to fight back. - [How to Detect VPN using Kotlin](/appsec-articles/articles/how-to-detect-vpn-using-kotlin.md): Struggling with hidden VPN traffic in your app? Here’s how to spot it before attackers exploit it. - [AppiCrypt Against Time Spoofing: From Free Trial Abuse to License Fraud and Audit Log Corruption](/appsec-articles/articles/appicrypt-against-time-spoofing-from-free-trial-abuse-to-license-fraud-and-audit-log-corruption.md) - [How to Detect Root using Kotlin](/appsec-articles/articles/how-to-detect-root-using-kotlin.md): Need to secure your app against rooted devices? Start here. - [Preventing Piracy and Cheating in Games: A Guide to Countering GameGuardian with Talsec](/appsec-articles/articles/preventing-piracy-and-cheating-in-games-a-guide-to-countering-gameguardian-with-talsec.md) - [Introducing Multi-Instancing Detection for freeRASP](/appsec-articles/articles/introducing-multi-instancing-detection-for-freerasp.md) - [iOS Keychain vs. Android Keystore](/appsec-articles/articles/ios-keychain-vs.-android-keystore.md): Deep Dive for Mobile Engineers, Architects & Security Professionals - [Introducing the Talsec Portal: A New Way to Monitor Your App — Try It Now!](/appsec-articles/articles/introducing-the-talsec-portal-a-new-way-to-monitor-your-app-try-it-now.md): Benchmark your app’s security against global standards, understand your current posture, and uncover live threats—all in one place. - [How to Achieve Root-Like Control Without Rooting: Shizuku's Perils & Talsec's Root Detection](/appsec-articles/articles/how-to-achieve-root-like-control-without-rooting-shizukus-perils-and-talsecs-root-detection.md): Explore Shizuku's root-like power for Android. Uncover this mobile security risk and learn how Talsec's RASP provides essential mobile app protection with robust root detection to safeguard your app. - [freeRASP for Unity Guide](/appsec-articles/articles/freerasp-for-unity-guide.md): Protect your Unity mobile game with freeRASP, a free and developer-friendly runtime application self-protection solution for Android and iOS. - [ApkSignatureKiller: How It Works and How Talsec Protects Your Apps](/appsec-articles/articles/apksignaturekiller-how-it-works-and-how-talsec-protects-your-apps.md): In this article, we will explore how Android protects against app tampering, discussing not only how ApkSignatureKiller works, but also the mechanisms behind. - [AI Device Risk Summary Demo | Threat Protection | Risk Scoring | Malware Detection | Android & iOS](/appsec-articles/articles/ai-device-risk-summary-demo-or-threat-protection-or-risk-scoring-or-malware-detection-or-android-and.md): An exclusive preview of the technology that will define tomorrow's mobile security. - [Podcast: iOS Keychain vs Android Keystore](/appsec-articles/articles/podcast-ios-keychain-vs-android-keystore.md) - [Obfuscation of Mobile Apps](/appsec-articles/articles/obfuscation-of-mobile-apps.md) - [OWASP Top 10 For Flutter – M6: Inadequate Privacy Controls in Flutter & Dart](/appsec-articles/articles/owasp-top-10-for-flutter-m6-inadequate-privacy-controls-in-flutter-and-dart.md) - [Simple Root Detection: Implementation and verification](/appsec-articles/articles/simple-root-detection-implementation-and-verification.md) - [OWASP Top 10 For Flutter - M5: Insecure Communication for Flutter and Dart](/appsec-articles/articles/owasp-top-10-for-flutter-m5-insecure-communication-for-flutter-and-dart.md) - [OWASP Top 10 For Flutter – M4: Insufficient Input/Output Validation in Flutter](/appsec-articles/articles/owasp-top-10-for-flutter-m4-insufficient-input-output-validation-in-flutter.md) - [OWASP Top 10 For Flutter – M3: Insecure Authentication and Authorization in Flutter](/appsec-articles/articles/owasp-top-10-for-flutter-m3-insecure-authentication-and-authorization-in-flutter.md) - [OWASP Top 10 For Flutter – M2: Inadequate Supply Chain Security in Flutter](/appsec-articles/articles/owasp-top-10-for-flutter-m2-inadequate-supply-chain-security-in-flutter.md) - [OWASP Top 10 For Flutter - M1: Mastering Credential Security in Flutter](/appsec-articles/articles/owasp-top-10-for-flutter-m1-mastering-credential-security-in-flutter.md) - [Hook, Hack, Defend: Frida’s Impact on Mobile Security & How to Fight Back](/appsec-articles/articles/hook-hack-defend-fridas-impact-on-mobile-security-and-how-to-fight-back.md) - [Emulators in Gaming: Threats and Detections](/appsec-articles/articles/emulators-in-gaming-threats-and-detections.md) - [Exclusive Research: Unlocking Reliable Crash Tracking with PLCrashReporter for iOS SDKs](/appsec-articles/articles/exclusive-research-unlocking-reliable-crash-tracking-with-plcrashreporter-for-ios-sdks.md): Crash tracking is a vital part of mobile app development, helping developers detect, diagnose, and resolve issues that affect user experience. Let's debunk common myths about crash tracking in SDKs. - [🚀A Developer’s Guide to Implement End-to-End Encryption in Mobile Apps 🛡️](/appsec-articles/articles/a-developers-guide-to-implement-end-to-end-encryption-in-mobile-apps.md) - [How to Block Screenshots, Screen Recording, and Remote Access Tools in Android and iOS Apps](/appsec-articles/articles/how-to-block-screenshots-screen-recording-and-remote-access-tools-in-android-and-ios-apps.md): Tomáš Soukal provides an in-depth guide on how to block screenshots, screen recording, and remote access tools in Android, Flutter, React Native, and iOS apps. - [Flutter Security 101: Restricting Installs to Protect Your App from Unofficial Sources](/appsec-articles/articles/flutter-security-101-restricting-installs-to-protect-your-app-from-unofficial-sources.md) - [How to test a RASP? OWASP MAS: RASP Techniques Not Implemented \[MASWE-0103\]](/appsec-articles/articles/how-to-test-a-rasp-owasp-mas-rasp-techniques-not-implemented-maswe-0103.md): The updates in the OWASP Mobile Application Standard (MAS) for 2025 will incorporate a new MASWE called "RASP Techniques Not Implemented." Let us preview the contributed draft written by Talsec - [How to implement Secure Storage in Flutter?](/appsec-articles/articles/how-to-implement-secure-storage-in-flutter.md): This step-by-step guide outlines best practices for implementing secure data storage in Flutter applications, providing instructions for integration on both iOS and Android. - [User Authentication Risks Coverage in Flutter Mobile Apps | TALSEE](/appsec-articles/articles/user-authentication-risks-coverage-in-flutter-mobile-apps-or-talsee.md): Dive into our full guide as Himesh Panchal walks you through creating a robust and secure authentication flow! - [Fact about the origin of the Talsec name](/appsec-articles/articles/fact-about-the-origin-of-the-talsec-name.md): Talsec = Talos + Security - [React Native Secure Boilerplate 2024: Ignite with freeRASP](/appsec-articles/articles/react-native-secure-boilerplate-2024-ignite-with-freerasp.md): Boilerplate addressing vulnerabilities that standard setups often overlook. - [Flutter CTO Report 2024: Flutter App Security Trends](/appsec-articles/articles/flutter-cto-report-2024-flutter-app-security-trends.md) - [Mobile API Anti-abuse Protection with AppiCrypt®: A New Play Integrity and DeviceCheck Alternative](/appsec-articles/articles/mobile-api-anti-abuse-protection-with-appicrypt-r-a-new-play-integrity-and-devicecheck-alternative.md): A New Play Integrity (former SafetyNet) and DeviceCheck Attestation Alternative - [Hacking and protection of Mobile Apps and backend APIs | 2024 Talsec Threat Modeling Exercise](/appsec-articles/articles/hacking-and-protection-of-mobile-apps-and-backend-apis-or-2024-talsec-threat-modeling-exercise.md) - [Detect system VPNs with freeRASP](/appsec-articles/articles/detect-system-vpns-with-freerasp.md) - [Introducing Talsec’s advanced malware protection!](/appsec-articles/articles/introducing-talsecs-advanced-malware-protection.md) - [Fraud-Proofing an Android App: Choosing the Best Device ID for Promo Abuse Prevention](/appsec-articles/articles/fraud-proofing-an-android-app-choosing-the-best-device-id-for-promo-abuse-prevention.md) - [Enhancing Capacitor App Security with freeRASP: Your Shield Against Threats 🛡️](/appsec-articles/articles/enhancing-capacitor-app-security-with-freerasp-your-shield-against-threats.md): In an increasingly interconnected world, the need for robust application security has never been more critical. Capacitor, with its remarkable ability to build cross-platform apps using web technologi - [Safeguarding Your Data in React Native: Secure Storage Solutions](/appsec-articles/articles/safeguarding-your-data-in-react-native-secure-storage-solutions.md) - [Secure Storage: What Flutter can do, what Flutter could do](/appsec-articles/articles/secure-storage-what-flutter-can-do-what-flutter-could-do.md) - [🔒 Flutter Plugin Attack: Mechanics and Prevention](/appsec-articles/articles/flutter-plugin-attack-mechanics-and-prevention.md) - [Protecting Your API from App Impersonation: Token Hijacking Guide and Mitigation of JWT Theft](/appsec-articles/articles/protecting-your-api-from-app-impersonation-token-hijacking-guide-and-mitigation-of-jwt-theft.md) - [Build secure apps in React Native](/appsec-articles/articles/build-secure-apps-in-react-native.md) - [How to Hack & Protect Flutter Apps — Simple and Actionable Guide (Pt. 1/3)](/appsec-articles/articles/how-to-hack-and-protect-flutter-apps-simple-and-actionable-guide-pt.-1-3.md) - [How to Hack & Protect Flutter Apps — OWASP MAS and RASP. (Pt. 2/3)](/appsec-articles/articles/how-to-hack-and-protect-flutter-apps-owasp-mas-and-rasp.-pt.-2-3.md) - [How to Hack & Protect Flutter Apps — Steal Firebase Auth token and attack the API. (Pt. 3/3)](/appsec-articles/articles/how-to-hack-and-protect-flutter-apps-steal-firebase-auth-token-and-attack-the-api.-pt.-3-3.md) - [freeRASP meets Cordova](/appsec-articles/articles/freerasp-meets-cordova.md) - [Philosophizing security in a mobile-first world](/appsec-articles/articles/philosophizing-security-in-a-mobile-first-world.md) - [5 Things John Learned Fighting Hackers of His App — A must-read for PM’s and CISO’s](/appsec-articles/articles/5-things-john-learned-fighting-hackers-of-his-app-a-must-read-for-pms-and-cisos.md) - [Missing Hero of Flutter World](/appsec-articles/articles/missing-hero-of-flutter-world.md) - [Drafts](/appsec-articles/articles/drafts.md) - [OWASP Top 10 For Flutter – M9: Insecure Data Storage in Flutter & Dart (cleaned copy)](/appsec-articles/articles/drafts/owasp-top-10-for-flutter-m9-insecure-data-storage-in-flutter-and-dart-cleaned-copy.md) - [OWASP Top 10 For Flutter – M9: Insecure Data Storage in Flutter & Dart (cleaned copy)](/appsec-articles/articles/owasp-top-10-for-flutter-m9-insecure-data-storage-in-flutter-and-dart-cleaned-copy.md)