SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Approov expands attestation network to fight AI attacks

Approov expands attestation network to fight AI attacks

Thu, 16th Jul 2026 (Today)
Joseph Gabriel Lagonsin
JOSEPH GABRIEL LAGONSIN News Editor

Approov has released version 3.6 of its attestation platform, expanding its global infrastructure for mobile app and API security.

The update is intended to address a rise in attacks in which AI systems imitate legitimate mobile applications and send API traffic from scripts, emulators and server farms.

Based in Edinburgh and Palo Alto, Approov processes billions of verifications for customers in sectors including banking, healthcare, retail and automotive. Those checks are designed to confirm that API requests come from an authentic app running on a safe device, rather than from an impersonated client.

The latest release adds regional attestation infrastructure in Mexico, with a Milan region also included in the network expansion. The broader footprint is intended to reduce response times for users in Central America, the southern United States, Southern Europe, the Middle East and parts of Africa.

The network runs across multiple cloud providers with automatic failover, allowing traffic to be routed through alternative infrastructure if one provider has an issue. This structure is intended to maintain low latency as attestation volumes increase.

Attack shift

The announcement reflects a wider shift in how mobile APIs are targeted. Rather than attacking through a genuine mobile app, many current attacks rely on reproducing app traffic elsewhere and making it appear to come from real devices.

That matters because mobile applications often handle customer information and account access in industries where fraud and data misuse can have immediate financial or operational consequences. In those cases, API requests that appear legitimate can be difficult for conventional security tools to distinguish from normal user activity.

Version 3.6 adds direct integration with security information and event management systems including Splunk and Sentinel. Backend systems can decode app and device threat signals locally and feed those results into a customer's broader security monitoring environment.

The platform also adds what Approov describes as forgery detection, intended to help backend teams verify whether tokens are valid, invalid or signed by an attacker. It also introduces automated retrieval and deployment of the secrets and keys used by backend systems, reducing manual secret rotation work.

Policy control

Another part of the update focuses on how security teams apply new rules. Customers can now roll out a defence to a limited share of traffic, observe the impact, and then expand it if the policy behaves as expected.

This approach is intended to reduce the risk that a security change blocks legitimate users while teams respond to a new threat pattern. For companies whose mobile apps support daily banking, shopping, healthcare access or connected car services, avoiding unnecessary disruption is often as important as blocking malicious traffic.

The release also includes updated monitoring and alerting. Customers can configure alerts for spikes in failed verifications, while a broader anomaly detection system monitors pass and fail patterns across the customer base to identify wider problems.

In a statement, Ted Miracco, chief executive officer of Approov, linked the product changes to a shift in the cost and speed of attacks.

"Agentic AI has changed the economics of attacking mobile APIs. Attacks that once took weeks of engineering can now be launched in minutes, and they adapt faster than signature-based defenses can respond," said Ted Miracco, chief executive officer of Approov.

He added that customer demand for attestation has increased as these attacks become harder to distinguish from genuine app activity.

"Our enterprise customers are scaling to unprecedented attestation volumes precisely because attestation exposes these impersonation attacks at the source. Approov 2026 ensures they get that protection with imperceptible latency, anywhere in the world," Miracco said.

Approov's chief technology officer, Jae Hossell, said the update was shaped by the pace of change in the threat environment and by operational concerns within security teams.

"This release is a direct response to how fast the threat landscape is moving. We've expanded the edge network, automated threat intelligence sharing for enterprise SOCs, and made deploying new security policies entirely risk-free. Security teams shouldn't have to choose between reacting quickly and protecting their users' experience," Hossell said.

The release also includes backend support for Huawei's HarmonyOS, which is in internal validation.