
Tips & Tricks for Unmasking Ghoulish API Behavior
2021-09-30 17:56

I was analyzing one of my customers' API traffic the other day and I noticed something odd about the devices that were using the mobile application API. I found standard browsers like Firefox and Chrome hitting API endpoints that should only be touched by their mobile-application communication.

On a mobile application, the development staff will create a user agent for their application.

This is helpful, because I recommend that the API endpoints for the mobile applications and the web applications be completely different.

The only traffic that should be touching your mobile application is traffic from the mobile applications installed on your users' phones.

If you are seeing crawlers on your mobile application, you might have a problem elsewhere.

Having a systematic way to review these items and raise alarms, if needed, can effectively minimize the malicious traffic on your web and mobile applications.
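One way to make that review systematic, as an added example that is not from the original article: the script below scans access-log lines and counts, per source IP, requests to the mobile API that did not carry the app's own user agent. The `/mobile/` path prefix, the `ExampleApp/...` user-agent format and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumptions (not from the article): the mobile API lives under /mobile/ and
# the app sends a User-Agent such as "ExampleApp/4.2.1 (Android 12)".
MOBILE_PREFIX = "/mobile/"
APP_UA = re.compile(r"^ExampleApp/\d+(\.\d+)* \((iOS|Android) [^)]+\)$")
CRAWLER_UA = re.compile(r"bot|crawler|spider|curl|python-requests", re.I)
BROWSER_UA = re.compile(r"^Mozilla/5\.0 .*(Firefox|Chrome|Safari)/", re.I)
# Combined Log Format: ip - - [time] "METHOD path PROTO" status size "ref" "ua"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def classify(ua):
    """Bucket a User-Agent string; crawlers are checked before browsers
    because many crawlers also start with "Mozilla/5.0"."""
    if APP_UA.match(ua):
        return "app"
    if CRAWLER_UA.search(ua):
        return "crawler"
    if BROWSER_UA.match(ua):
        return "browser"
    return "unknown"

def unexpected_clients(lines):
    """Count (ip, class) pairs for mobile-API requests without the app's UA.
    The header is client-controlled, so a matching UA proves nothing; this
    only surfaces clients that do not bother to imitate the app."""
    hits = Counter()
    for line in lines:
        m = LINE.match(line)
        if not m or not m["path"].startswith(MOBILE_PREFIX):
            continue
        kind = classify(m["ua"])
        if kind != "app":
            hits[(m["ip"], kind)] += 1
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [30/Sep/2021:10:00:01 +0000] "POST /mobile/v1/login HTTP/1.1" 200 310 "-" "ExampleApp/4.2.1 (Android 12)"',
    '203.0.113.9 - - [30/Sep/2021:10:00:02 +0000] "GET /mobile/v1/accounts HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"',
    '203.0.113.9 - - [30/Sep/2021:10:00:03 +0000] "GET /mobile/v1/accounts/2 HTTP/1.1" 403 98 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"',
    '192.0.2.44 - - [30/Sep/2021:10:00:04 +0000] "GET /mobile/v1/catalog HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"',
    '192.0.2.50 - - [30/Sep/2021:10:00:05 +0000] "GET /web/v1/home HTTP/1.1" 200 900 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36"',
    '192.0.2.61 - - [30/Sep/2021:10:00:06 +0000] "POST /mobile/v1/login HTTP/1.1" 401 64 "-" "-"',
]
if __name__ == "__main__":
    for (ip, kind), n in sorted(unexpected_clients(SAMPLE_LOG).items()):
        print(f"ALERT {ip} {kind} requests_to_mobile_api={n}")
```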


News URL

https://threatpost.com/unmasking-ghoulish-api-behavior/175253/