Upwardly Mobile – API & App Security News
Upwardly Mobile - API & App Security News
Podcast Description
Dive into the high-stakes world of mobile app development and API security with Upwardly Mobile, your ultimate guide to defending apps in today’s volatile digital landscape. Hosted by Skye Macintyre and George McGregor, and proudly sponsored by Approov, the leaders in mobile app attestation and API security, this podcast unpacks the evolving threats and innovative solutions shaping mobile security.Explore why the built-in protections from tech giants like Apple, Google, and Huawei often fall short, leaving sensitive data vulnerable. Learn how advanced techniques—like runtime attestation and dynamic API security—thwart attackers and secure your app ecosystem. Each episode delivers insights into major data breaches, emerging trends, and actionable strategies to fortify your apps and APIs against ever-advancing cyber threats.From development best practices to navigating compliance and regulation, Upwardly Mobile equips mobile developers, security professionals, and tech enthusiasts with the knowledge to safeguard their creations. Stay informed, stay secure, and stay ahead with expert guidance on the future of mobile cybersecurity.Subscribe now on Spotify and Apple Podcasts, and elevate your security game!
Podcast Insights
Content Themes
The podcast covers topics such as mobile app security, API vulnerabilities, compliance with regulations like HIPAA and GDPR, and the implications of tech giants' app store policies. Example episodes include detailed discussions on the risks of mobile spyware like Pegasus, the impact of China’s app distribution regulations, and effective strategies for securing financial apps against data breaches.
Think the App Store’s built-in security is enough? Think again.
Welcome to Upwardly Mobile, the podcast that exposes the gaps in iOS, Android, and HarmonyOS security. Hosts Skye and George take you into the high-stakes world of mobile defense, revealing why standard protections from Apple, Google, and Samsung often leave your sensitive data exposed. Sponsored by Approov—the gold standard in mobile app attestation—we move beyond the basics to tackle weaponized AI threats and dynamic API attacks. From runtime attestation to navigating complex compliance regulations, we equip developers and security pros with the actionable strategies needed to thwart attackers. Don’t leave your app vulnerable.
Subscribe now on Spotify and Apple Podcasts to elevate your security game.
Episode Summary: Welcome back to “Upwardly Mobile”! In this episode, we dive deep into the rapidly evolving mobile threat landscape defined by the rise of “Agentic AI.” With Android 17 set to transform our smartphones into active, on-device AI orchestrators by Summer 2026, the security stakes have never been higher. We unpack the alarming findings from the 2026 Cloudflare Threat Report, which highlights the total industrialization of cyber threats and how attackers are using AI as a massive force multiplier.
We also explore why legacy bot defenses—like rate limiting, CAPTCHAs, and behavioral biometrics—are completely failing against modern AI bots that can dynamically rewrite code and mimic human behavior with 99% accuracy. Finally, we discuss how the integration of Cloudflare’s edge network with Approov’s deterministic device attestation is providing the ultimate defense-in-depth architecture to stop mobile API abuse at the source.
If you are attending the RSA Conference (RSAC) in San Francisco this March 2026, be sure to catch up with our sponsors at Approov to learn how to future-proof your mobile architecture!
Key Takeaways:
- The Android 17 Revolution: Android 17 shifts the OS from a reactive tool to an active “agent phone” that orchestrates multi-step workflows across apps. While this brings massive benefits in speed and privacy, it also dramatically expands the attack surface for prompt injections and cross-app data leakage.
- The Industrialization of Cyber Threats: The 2026 Cloudflare Threat Report reveals that AI has lowered the barrier to entry for highly effective cyber operations, moving the industry toward automated, machine-speed exploits.
- The Death of Legacy Bot Defenses: Legacy probabilistic defenses like WAFs and CAPTCHAs are failing because multimodal LLM agents can now solve logic puzzles and mimic human “thumb jitter” perfectly.
- Cryptographic Proof of Life: To stop agentic AI, security must shift from asking “Is this a bot?” to demanding deterministic, cryptographic proof of the device and app’s integrity.
- A New Defense-in-Depth: Combining Cloudflare’s global edge network with Approov’s deep runtime analysis and “Zero Secrets” architecture ensures that only untampered, legitimate app instances can access your APIs.
Sponsor Links:
- Secure your Mobile APIs today: Visit approov.com to learn how to eliminate hardcoded secrets and implement deterministic device attestation.
Source Materials & Further Reading:
- Android 17: Android Is Becoming an Agent – Are you ready?
- 2026 Cloudflare Threat Report: How adversaries are weaponizing the Internet
- When the Bot Has a Brain: Defending Mobile APIs in the Era of Agentic Attackers (Approov RSAC 2026 Presentation)
- See You at RSA 2026: Let’s Talk Stopping Mobile API Abuse at the Source
Keywords for SEO: Agentic AI, Mobile API Security, Android 17, Cloudflare Threat Report 2026, Approov, Bot Mitigation, RSA Conference 2026, Cybersecurity, Device Attestation, Zero Secrets Architecture, AI Bots, Malware Defense, Prompt Injection, API Abuse.
🎙️ Upwardly Mobile is hosted by Skye & George. 🛡️ Sponsored by Approov: The only comprehensive solution for mobile app and API security. 👉 Subscribe & Review:Upwardly Mobile | Podcast
This episode includes AI-generated content.
Disclaimer
This podcast’s information is provided for general reference and was obtained from publicly accessible sources. The Podcast Collaborative neither produces nor verifies the content, accuracy, or suitability of this podcast. Views and opinions belong solely to the podcast creators and guests.
For a complete disclaimer, please see our Full Disclaimer on the archive page. The Podcast Collaborative bears no responsibility for the podcast’s themes, language, or overall content. Listener discretion is advised. Read our Terms of Use and Privacy Policy for more details.