mobile-security
Safeguard articles tagged "mobile-security" — guides, analysis, and best practices for software supply chain and application security.
19 articles
Implementing SSL/TLS certificate pinning in Node.js
HTTP Public Key Pinning died in Chrome 67 back in 2018, yet Node.js apps still need pinning for mobile backends and server-to-server calls — here's how to do it without bricking your own API.
Dart and Flutter Security Best Practices: Storage, Transport, and the pub.dev Supply Chain
A Flutter binary ships to both stores from one codebase — including any hardcoded secret, any disabled TLS check, and any vulnerable pub.dev package. Here is how to close each gap.
Android application security best practices
A practical, evidence-based guide to Android app security: data storage, network hardening, SDK risk, and CI/CD signing, with concrete CVEs and stats.
Mobile App Security Testing with OWASP MASVS in 2026
How to build a practical mobile app security testing program around OWASP MASVS 2.1, with the verification techniques that actually catch real issues.
iOS app supply chain risk from third-party SDKs and ad li...
Third-party SDKs and ad libraries run inside your iOS app with your app's permissions. Here's how ios sdk supply chain risk hides in plain sight — and what Safeguard does about it.
Mobile app dependency vulnerability trends
Mobile apps now ship more third-party code than first-party. Safeguard's analysis breaks down where dependency vulnerabilities cluster and why.
Best software composition analysis tools for mobile appli...
A no-hype comparison of mobile SCA tools for scanning iOS and Android dependencies, generating SBOMs, and catching open-source vulnerabilities before release.
Cross-Platform App Supply Chain Risks You Cannot Ignore
Cross-platform frameworks multiply supply chain attack surfaces by combining multiple dependency ecosystems. Understanding these compounded risks is essential for modern mobile and desktop security.
Flutter and Dart Dependency Security: A Practical Guide
Flutter apps pull dozens of Dart packages from pub.dev. Most teams never audit them. Here is how to manage dependency security in the Flutter ecosystem without slowing down development.
Mobile Application Security Testing: Beyond the OWASP Mobile Top 10
Mobile apps have unique security challenges that web-focused tools miss entirely. Here is a practical testing methodology for iOS and Android.
Capacitor and Ionic Hybrid App Security: A Practical Guide
Capacitor-based hybrid apps blend web technologies with native device access. This combination creates a unique attack surface that requires specific security strategies.
React Native Security Considerations for Mobile Supply Chains
React Native introduces unique security challenges at the intersection of JavaScript and native mobile code. Understanding these risks is essential for securing cross-platform mobile applications.