For the past 19 years, E-SPIN has steadfastly dedicated itself to delivering exceptional services to our valued partners and customers. In alignment with E-SPIN’s ongoing commitment to excellence, we are thrilled to announce our latest partnership with Approov, a distinguished software company specializing in Mobile Application Security. Explore our exclusive interview with Pearce Erensel, Vice President of Sales at Approov as he shares his vision for enhancing mobile security for business and users.
1. Briefly introduce Approov. What is the background history of the formation of the company?
Approov is a team of passionate developers dedicated to making the future of mobile secure. From our offices in Edinburgh, Scotland (UK), and Palo Alto, California, we focus on developing the world’s most complete end-to-end solution for mobile app security from the device into the cloud. Approov is an essential component of mobile application security for major global organizations that serve millions of users annually. These organizations operate in various sectors, including eCommerce, financial services, healthcare, automotive, and gaming.
The company — founded as Critical Blue Limited — was formed in Silicon Glen to provide cutting-edge research and development in code optimization and microprocessor design technologies to the semiconductor industry. For more than 20 years, CriticalBlue has been providing advanced software capabilities to the biggest names in technology including Intel Corporation, Thales Group, Toshiba and Freescale.
In the mid-2010s, several projects related to the optimization of the Android runtime system for specific 64-bit chipsets added compiler optimization passes as well as runtime library enhancements to our platform. Android runtime consulting, coupled with our prior binary analysis and security consulting, led us to develop the key technology components that became Approov. The first commercial release of Approov was in 2017. We now serve a wide range and growing customer base.
Approov offers a comprehensive runtime security solution, known as RASP (Runtime Application Self-Protection), designed specifically for mobile apps and their APIs. This solution is unified across multiple platforms, including iOS, Android, and HarmonyOS.
In today’s business landscape, mobile apps have become crucial for organizations. Unfortunately, they also present potential vulnerabilities that can be exploited by attackers, leading to breaches, fraud, denial of service, and other forms of API abuse. Approov mitigates these risks by preventing automated attacks and the manipulation of mobile platforms by compromised or unauthorized apps. It accomplishes this by blocking unauthorized access attempts from scripts, bots, and fake or tampered apps.
2. Explain Approov as a solution. What are the factors that drive its innovation?
Approov stands out as a cutting-edge solution for mobile application security. What drives its innovation is a relentless commitment to addressing the evolving challenges in the mobile app landscape. The company constantly adapts to emerging technologies, user behaviors, and attack vectors, ensuring that Approov remains at the forefront of mobile app security. The dedication to innovation is deeply rooted in a proactive approach to anticipate and counteract emerging threats.
3. The threat landscape is ever-changing. How does Approov help enterprises in addressing these dynamic threat landscapes?
In the ever-changing threat landscape, Approov plays a pivotal role in assisting enterprises. Its dynamic runtime security solution, RASP, provides real-time protection by adapting to new threats and attack methods. Approov employs sophisticated algorithms to identify and thwart evolving attack patterns, ensuring that organizations using the solution are equipped to face the dynamic challenges of the cybersecurity landscape. Lastly, keeping up with the latest threats is only one piece of the equation. Approov enables enterprises to update their security posture, over-the-air, without their users needing to update their apps, ensuring our customers are secured against the latest threats with no friction to their users.
4. What differentiates Approov from other Mobile App Security solutions? Explain the benefits of Approov.
What sets Approov apart is its ability to perform mobile app attestation, app shielding and provide runtime application self-protection (RASP). It also offers just-in-time management of API keys, secrets, and certificates. This combination of features ensures exceptional operational convenience and robust security at scale for organizations using Approov.
Only Approov provides dynamic runtime mobile protection (RASP) that constantly verifies trust and mitigates evolving threats. We use a remote attestation approach, where the running app must prove itself to be genuine through a sequence of integrity measurements. These results are then sent to the Approov cloud service using a patented challenge-response protocol, immune from replay attacks. The Approov cloud makes the decisions, rather than allowing the decisions to be made on devices where they can be manipulated by skilled hackers. This approach is platform agnostic, which means one security architecture can be used across iOS, Harmony OS, or Android.
5. Can you provide specific examples or use cases where Approov has made a significant impact on enhancing the security posture of mobile applications, showcasing its effectiveness in real-world scenarios?
Approov has made a significant impact in real-world scenarios, enhancing the security posture of mobile applications. For instance, Approov Mobile App Protection provides a multi-factor, end-to-end mobile API security solution that complements identity management, endpoint, and device protection to lock-down proper API usage. Only safe and approved apps can successfully use your APIs. In the healthcare sector, bots and fake or tampered apps are all easily turned away and Protected Health Information (PHI) is protected. In the financial sector, Approov has successfully prevented fraudulent activities by detecting and blocking unauthorized access attempts. These examples underscore the effectiveness of Approov in diverse industries such as eCommerce, financial services, healthcare, automotive, and gaming.
6. Collaboration and integration are often key in the cybersecurity landscape. How does Approov work seamlessly with other security solutions, and what collaborative efforts do you foresee to further strengthen Approov’s capabilities in the future?
Approov is designed to work seamlessly with other security solutions, fostering a collaborative approach to cybersecurity. Its integration capabilities allow organizations to complement existing security infrastructure. Looking ahead, collaborative efforts involve strengthening ties with threat intelligence providers, enhancing compatibility with emerging technologies, and fostering interoperability with complementary security solutions. The goal is to create a united front against cyber threats.
Approov is dedicated to equipping its partners with the necessary sales and enablement tools and programs designed to help them thrive and achieve remarkable levels of success, including highly competitive gross profit margins. By partnering with Approov, partners can swiftly provide tangible value to their business, while unlocking a substantial and recurring revenue stream for your company. Partnering with Approov also enables its partners to deliver state-of-the-art mobile app security to their customers, effectively addressing their needs and adding significant value to their business. The partnership opens up new revenue opportunities while ensuring the utmost security for mobile apps in an increasingly interconnected world.
7. Tell us your vision for bringing Approov forward. How do you see Approov in the future?
The vision for Approov involves continuous evolution and innovation to stay ahead of emerging threats. This includes further advancements in mobile app attestation, app shielding, under RASP solution. Approov envisions becoming a cornerstone in the mobile security landscape. The future holds a proactive and adaptive Approov, continually enhancing its capabilities to meet the evolving needs of organizations in an increasingly complex mobile environment.