Talsec

Explore how threshold cryptography redefines key security beyond single‑device trust — with insights from Jan Kvapil (MUNI).
🔐 Multi‑device signing, share‑based key protection, and real‑world defenses.
📖 Read here: docs.talsec.app/appsec-artic...

#Security #Crypto #AppSec

📌 Read article on fingerprinting & device intelligence at Talsec AppSec — and it’s a must-think for anti-fraud strategy.

🎯 It’s not enough to collect data → you must interpret it with context + business logic to balance risk mitigation with user experience.

🔗 Article: buff.ly/LOEY9Ny

Video injection is one of the main attacks in KYC. Letting attackers feed fake video streams into verification systems to steal identities at scale.

Our latest article describes how Talsec can help against this attack.
👉 docs.talsec.app/appsec-artic...

Cloudflare’s Anatol Nikiforov shared powerful insights on today’s AppSec challenges — from AI-powered bots to the rise of residential proxies.

If you care about real-world security trends and how defenders are responding, check out this recap:
🔗 docs.talsec.app/appsec-artic...

Security works best as a team sport. 🤝🔐
Tomáš Soukal’s keynote breaks down community-driven security as collective defense—and why sharing insights strengthens mobile protection at scale.
docs.talsec.app/appsec-artic...

Keynote: 20 Minutes to Banking-Grade with Mateusz Wojtczak (LeanCode) | AppSec Articles The Talsecarrow-up-right Mobile App Security Conference in Prague was a two-day, invite-only event on fraud, malware, and API abuse in modern mobile apps, held at Chateau St. Havel on November 3–4,…

🚀 Can Flutter really be banking-grade secure?

In this keynote recap from Talsec’s Mobile App Security Conference (Prague, Nov 3–4, 2025), Mateusz Wojtczak (Leancode) breaks down why the biggest “Flutter isn’t secure” argument is mostly a misconception.

📌 Article: docs.talsec.app/appsec-artic...

Keynote: Raising the Bar with Software Protection with Béatrice Creusillet (Quarkslab) | AppSec Articles The Talsecarrow-up-right Mobile App Security Conference in Prague was a two-day, invite-only event on fraud, malware, and API abuse in modern mobile apps, held at Chateau St. Havel on November 3–4,…

In Béatrice Creusillet’s (Quarkslab) case study: Pwn2Own EV charger attack took ~33 person-days with only light protection. Layering defenses changes everything.

Read the article:

Year in Talsec RASP SDK: Highlights from 2025 | AppSec Articles This year, we confirmed our position as #1 RASP with top root detection. We embraced Kotlin Multiplatform and gaming engines like Unity and Unreal Engine, while finally delivering the long-awaited…

New platforms, smarter tools, and stronger security. In 2025, we brought Talsec to gaming engines and introduced the Talsec Portal for real-time security intelligence.

We are ready for the next big thing in mobile development. Here is to a secure 2026! 🥂

Full summary here:

Keynote: Red Teaming in Practice with Adam Žilla (Haxoris) | AppSec Articles The Talsec Mobile App Security Conference in Prague was a two-day, invite-only event on fraud, malware, and API abuse in modern mobile apps, held at Chateau St. Havel on November 3–4, 2025, and…

How do you hack a network with a perfect firewall? You walk in the front door. 🚪

Adam Žilla from Haxoris reveals how a "fire safety inspector" disguise and a hidden Raspberry Pi led to total domain compromise.

Read the full attack chain👇
docs.talsec.app/appsec-artic...

Keynote: Discovering the Power of AI Pentesting with Pedro Conde (Ethiack) | AppSec Articles The Talsec Mobile App Security Conference in Prague was a two-day, invite-only event on fraud, malware, and API abuse in modern mobile apps, held at Chateau St. Havel on November 3–4, 2025, and…

AI Pentesting isn’t the future. It’s already here.

@ethiack.com Hackian hackbot compromised a genetics platform in <4h, finding critical bugs humans missed.

Key takeaway: AI finds different vulnerabilities. Test before “bad guys” do.

New in this version:
🛡️ Anti-Tamper: New killOnBypass config to terminate the app if callbacks are hooked (Android).
⏰ Time Spoofing: Detect if device time is manipulated.
📶 Unsecure WiFi: Detect open/risky networks.
✅ State Management: New allChecksFinished callback.

Release freeRASP 4.3.0 · talsec/Free-RASP-ReactNative Android SDK version: 17.0.1 iOS SDK version: 6.13.0 React Native Added Added killOnBypass to TalsecConfig that configures if the app should be terminated when the threat callbacks are suppressed/...

🚀 Big Update for freeRASP React Native!

Secure your app against smarter threats with our latest release.

Update now
github.com/talsec/Free-...

What's new?👇

Jailbroken devices break the security model your Capacitor app relies on — sandboxing, code signing, filesystem integrity.

freeRASP adds reliable jailbreak detection to Capacitor with zero native hassle.

Full guide: docs.talsec.app/appsec-artic...

Frida is one of the easiest ways to hook, patch, and reverse-engineer mobile apps — including Capacitor apps.

FreeRASP for Capacitor lets you detect Frida and fight against it.

Hybrid doesn’t have to mean unprotected.
🔗 docs.talsec.app/appsec-artic...

🚀 Securing Kotlin Multiplatform apps just got easier!

You can now integrate freeRASP directly into your KMP projects. Detect threats like tampering, hooking, and code injection, whether on Android or iOS.

🔗 Start protecting your KMP apps today:
docs.talsec.app/appsec-artic...

#Cloudflare went down today. Again.

Your security doesn’t have to go down with it.

AppiCryptWeb = cryptographic trust for your API, independent of your CDN or WAF 🔐

Full article here:
🔗 docs.talsec.app/appsec-artic...

React Native apps need reliable detection to prevent data extraction, tampering, and traffic manipulation.

This guide explains the basic detection methods and the integration of our SDK.

Read more:
🔗 docs.talsec.app/appsec-artic...

React Native apps are great... until they run on a jailbroken device.

Here’s a clear, high-level look at how to detect it and why RASP fills the gaps iOS leaves open:

🔗 docs.talsec.app/appsec-artic...

📱 Still relying on basic root checks for your Android app? Magisk's "systemless" root can easily bypass them.

Learn why standard detection fails and how to implement robust protection against modern root hiding techniques. 🛡️

Read the guide here: 👇 docs.talsec.app/appsec-artic...

Frida is one of the go-to tools attackers use to hook into mobile apps, bypass logic, or extract sensitive data.

If your React Native app isn’t monitoring for these attacks, it’s basically running with the doors unlocked.

🔒 Learn how to detect Frida:
docs.talsec.app/appsec-artic...

Your app may be secure — but the Wi-Fi your users connect to might not be.

Weak networks = MITM risks, data leaks, and broken trust.

Here’s how to detect unsafe Wi-Fi inside your app 👇
docs.talsec.app/appsec-artic...

If your Android app handles sensitive data, Developer Mode shouldn’t go unnoticed.

A simple check can help you spot risky, debuggable environments before attackers do.

Learn how 👉
docs.talsec.app/appsec-artic...

💡 The future is data-driven, but is your app ready for it?

As more systems shift toward data-centric architectures, one thing becomes clear: your application is only as secure as the APIs it talks to. And today’s attackers know it.

🔗 Full article:
docs.talsec.app/appsec-artic...

App tampering and repackaging allow attackers to inject malware or bypass in-app purchases in your Android app.

Learn how to detect integrity breaches and block repackaged apps in our latest article:
🔗 docs.talsec.app/appsec-artic...

#AndroidDev #AppSec #Kotlin #MobileDevelopment #InfoSec

🎮 Game devs, are you leaving your revenue exposed?

Discover FreeRASP for Unreal Engine – a free, lightweight RASP solution that protects your games from runtime attacks without slowing them down. 🔒⚡

Read more:
docs.talsec.app/appsec-artic...

Magisk and Shamiko might sound cool… but in the wrong hands, they’re dangerous.

Your Flutter app could be tampered with in seconds.

Find out how to secure it:
docs.talsec.app/appsec-artic...

#Flutter #Android #Security #Root

New article out: How to Detect Jailbreak on Flutter — ideal for devs and AppSec pros who want to keep their Flutter apps secure on compromised devices.

🌐 docs.talsec.app/appsec-artic...

#Flutter #MobileSecurity #AppSec #DevSecOps #Jailbreak

Exciting news for all Kotlin Multiplatform developers!

🚀 We’re proud to announce that freeRASP for Kotlin Multiplatform is launching soon. We heard the community’s call for a security solution built specifically for your KMP projects.

Stay tuned!

#kotlin #kmp #multiplatform

How to Detect Screen Capture & Recording using Kotlin | AppSec Articles Stop data leaks before they happen. Protect your Android app from unwanted screenshots and recordings.

Your app’s screen might not be as private as you think 👀

Learn how to detect screen capture & recording in Kotlin. Protect sensitive data before it’s too late.

🔗 docs.talsec.app/appsec-artic...

#Kotlin #AndroidDev #AppSec #Cybersecurity #MobileSecurity

How to Detect Emulator in Kotlin | AppSec Articles Fake users, fraudsters, and reverse engineers love emulators. Here’s how to stop them.

🛡️ Emulators make attacks easier — unless your app knows how to detect them.

Learn how to identify emulator environments in Kotlin and protect your app.
🔗 docs.talsec.app/appsec-artic...

#CyberSecurity #AppSecurity #Kotlin #AndroidApps #Talsec