TechTalk: Predictive Apps Protection with Sergiy Yakymchuk (Talsec)

The Talsec Mobile App Security Conference in Prague was a two-day, invite-only event on fraud, malware, and API abuse in modern mobile apps, held at Chateau St. Havel on November 3–4, 2025, and hosted by Talsec, freeRASP, and partners. It brought together leading experts and practitioners to strengthen the mobile AppSec community, connect engineers with attackers and defenders, and share practical techniques for high‑stakes sectors like banking, fintech, and e‑government.

In a recent presentation, Sergiy Yakymchuk, CEO of Talsec, discussed the evolution of mobile application security, moving beyond simple detection toward a framework of predictive safety. He outlined three essential pillars that form the foundation of a "safe choice" for vendors and end users alike: collective defense, predictability, and user awareness.

1. Collective Defense: The "Forest Metaphor"

Safety is fundamentally intuitive; humans feel more secure when facing a common enemy together. Effective digital defense is like a forest where trees communicate threats via a fungal network. When one part of the forest is attacked by pests or disease, other trees receive messages and generate protective chemicals.

Talsec applies this principle through a community-driven model:

  • Vulnerability Sharing: Feedback from one user regarding a system vulnerability helps improve the platform for all.

  • Data-Driven Improvements: Using data from community versions of tools, such as freeRASP (Runtime Application Self-Protection), the system can identify false positives and conflicts with new OS updates across various devices.

  • Structured Responsibility: Despite being a collective effort, there must be clear boundaries and mechanisms to define who is responsible for data and specific actions in various scenarios.

2. Predictability through Real-Time Risk Scoring

The ability to predict potential threats is a precondition for safety. In the context of business applications, this means delivering features that can anticipate anomalies and calculate risk scores before a transaction is completed.

Technological solutions supporting this include:

  • AppCrypt: An SDK-based technology that creates a "cryptographical snapshot" of a device's security state. This cryptogram is verified on the backend in real time to detect threats like debuggers or simulators.

  • Device State API: A newer API-driven approach that allows businesses to check a device's security state at any time, independent of whether the user is currently using the app.

  • Contextual Risk Scoring: Moving beyond simple integrity checks, Talsec is developing systems that consider contextual data, such as transaction amounts, recipient information, and location history, to identify anomalies.

3. Awareness: Bridging the Gap with AI

The final pillar is awareness, ensuring that users and organizations have the information they need to defend themselves.

  • Global Benchmarking: Talsec provides global statistics on threats, such as the prevalence of rooted devices, cloned apps, and integrity problems across different countries, allowing CTOs and CISOs to make informed decisions.

  • AI-Enhanced Communication: Talsec is utilizing AI to translate technical signals (e.g., "device is in developer mode") into human-understandable language. This allows the platform to explain why a specific device state is risky and provide tailored advice based on the user's profile or culture.

An example use case involves blocking sensitive entry fields, such as credit card numbers, until a device security check is passed. If a high risk is detected—such as an SMS forwarder app that could steal an OTP—the user is informed through an AI-generated summary of exactly what they need to do to secure their device and proceed safely.

By combining these three pillars, organizations can move toward a more resilient and transparent security model that protects both the business and the end user.
