Safeguard
Tag

mobile-security

Safeguard articles tagged "mobile-security" — guides, analysis, and best practices for software supply chain and application security.

19 articles

Application Security

Implementing SSL/TLS certificate pinning in Node.js

HTTP Public Key Pinning died in Chrome 67 back in 2018, yet Node.js apps still need pinning for mobile backends and server-to-server calls — here's how to do it without bricking your own API.

Jul 8, 20266 min read
Security Guides

Dart and Flutter Security Best Practices: Storage, Transport, and the pub.dev Supply Chain

A Flutter binary ships to both stores from one codebase — including any hardcoded secret, any disabled TLS check, and any vulnerable pub.dev package. Here is how to close each gap.

Jul 7, 20266 min read
Application Security

Android application security best practices

A practical, evidence-based guide to Android app security: data storage, network hardening, SDK risk, and CI/CD signing, with concrete CVEs and stats.

Apr 29, 20266 min read
Mobile Security

Mobile App Security Testing with OWASP MASVS in 2026

How to build a practical mobile app security testing program around OWASP MASVS 2.1, with the verification techniques that actually catch real issues.

Apr 25, 20266 min read
Software Supply Chain Security

iOS app supply chain risk from third-party SDKs and ad li...

Third-party SDKs and ad libraries run inside your iOS app with your app's permissions. Here's how ios sdk supply chain risk hides in plain sight — and what Safeguard does about it.

Jan 30, 20268 min read
Open Source Security

Mobile app dependency vulnerability trends

Mobile apps now ship more third-party code than first-party. Safeguard's analysis breaks down where dependency vulnerabilities cluster and why.

Nov 9, 20257 min read
Buyer's Guides

Best software composition analysis tools for mobile appli...

A no-hype comparison of mobile SCA tools for scanning iOS and Android dependencies, generating SBOMs, and catching open-source vulnerabilities before release.

Nov 9, 20257 min read
Software Supply Chain Security

Cross-Platform App Supply Chain Risks You Cannot Ignore

Cross-platform frameworks multiply supply chain attack surfaces by combining multiple dependency ecosystems. Understanding these compounded risks is essential for modern mobile and desktop security.

Sep 5, 20247 min read
Developer Security

Flutter and Dart Dependency Security: A Practical Guide

Flutter apps pull dozens of Dart packages from pub.dev. Most teams never audit them. Here is how to manage dependency security in the Flutter ecosystem without slowing down development.

Mar 12, 20246 min read
Application Security

Mobile Application Security Testing: Beyond the OWASP Mobile Top 10

Mobile apps have unique security challenges that web-focused tools miss entirely. Here is a practical testing methodology for iOS and Android.

Mar 8, 20246 min read
Application Security

Capacitor and Ionic Hybrid App Security: A Practical Guide

Capacitor-based hybrid apps blend web technologies with native device access. This combination creates a unique attack surface that requires specific security strategies.

Mar 5, 20247 min read
Application Security

React Native Security Considerations for Mobile Supply Chains

React Native introduces unique security challenges at the intersection of JavaScript and native mobile code. Understanding these risks is essential for securing cross-platform mobile applications.

Nov 5, 20237 min read
mobile-security — Safeguard Blog