-

Approov Expands Global Infrastructure to Counter the New Wave of Agentic AI Attacks on Mobile APIs

Approov 2026 (Version 3.6) adds new edge capacity, real-time threat intelligence for enterprise security teams, and zero-risk policy deployment as AI-driven attack traffic pushes attestation volumes to record levels.

EDINBURGH, Scotland--(BUSINESS WIRE)--Attackers are no longer writing bots by hand. Agentic AI systems can now probe mobile APIs, mimic legitimate app behavior, and adapt to defenses in real time - at a scale no human-operated botnet could match. Today Approov, the leader in mobile app and API security, announced Approov 2026 3.6, a major global attestation platform upgrade built to meet that threat head-on, combining expanded global infrastructure with the deep, real-time visibility enterprise security teams need to detect and shut down AI-driven attacks as they happen.

Mobile API attacks that took weeks of engineering can now be launched in minutes and adapt faster than signature-based defenses can respond. Approov 2026 attestation exposes these impersonation attacks at the source, protecting with imperceptible latency.

Share

The release arrives as Approov processes record attestation volumes for organizations whose mobile apps handle their customers' most sensitive data - banks, healthcare providers, retailers, and automakers - billions of verifications confirming that every API request comes from a genuine, untampered app on a safe device. Agentic AI attacks rarely run inside the real mobile app; instead, they impersonate it, replaying its API traffic from scripts, emulators and server farms while masquerading as genuine mobile devices. Attestation cuts through that disguise by requiring each request to prove it originates from the authentic app on a real device - proof that a spoofed client running in a data center cannot supply.

“Agentic AI has changed the economics of attacking mobile APIs. Attacks that once took weeks of engineering can now be launched in minutes, and they adapt faster than signature-based defenses can respond,” said Ted Miracco, CEO of Approov. “Our enterprise customers are scaling to unprecedented attestation volumes precisely because attestation exposes these impersonation attacks at the source. Approov 2026 ensures they get that protection with imperceptible latency, anywhere in the world.”

New Global Infrastructure for Ultra-Low Latency

Approov has deployed new regional attestation infrastructure in Mexico, with a Milan region following shortly, expanding a global network that already spans North America, South America, Europe, and Asia-Pacific. The new regions cut response times for users across Central America, the southern United States, Southern Europe, the Middle East, and parts of Africa. The Approov attestation network runs across multiple independent cloud providers with automatic failover, using intelligent traffic routing to minimize latency worldwide. As attestation volumes surge, the expanded edge network keeps security checks invisible to legitimate users - protection without friction.

Real-Time Threat Intelligence, Straight into the SOC

Approov turns every protected API into a sensor for AI-driven attack activity, unlocking advanced logging and security use cases:

  • Direct SIEM integration. Backend systems can now decode Approov’s device and app threat signals locally - no extra round trip to Approov servers - and pass detection results directly into Splunk, Sentinel or any SIEM correlated with other request data.

  • Forgery detection. Message Signatures on each network request ensure the origin of the request data verified with a cryptographic key from the device. Additional key and secret visibility allow verification of attestation ‘pass’ JWT tokens, validly signed ‘fail’ JWT tokens, and invalid or attacker-signed forged tokens - a critical signal when AI agents attempt to counterfeit credentials at scale.

  • Hands-off secret rotation. Setup automated retrieval and deployment of the secrets and keys that backend systems require to secure your mobile APIs, enabling fully automated secret rotation with no manual intervention and no maintenance window.

Deploy New Defenses Without Risking Real Users

Responding to a new attack pattern has always carried a hidden cost: a security policy that blocks attackers can also lock out legitimate customers. Approov 2026 replaces all-or-nothing policy updates with gradual rollouts. Security teams can deploy a new defense to a small slice of traffic, watch its real-world impact live, and expand with confidence - making it safe to respond aggressively to fast-moving AI threats.

Early Warning Before Incidents Escalate

An updated monitoring and alerting suite give both customers and Approov’s own engineers advance notice of trouble:

  • Customer-configurable alerts flag unusual spikes in failed verifications - whether caused by an emerging attack or a third-party network anomaly - so teams can act before failover systems are needed.

  • Global anomaly detection watches pass/fail patterns across Approov’s entire customer base. If multiple accounts show simultaneous failures, Approov’s on-call engineers are paged automatically, turning isolated signals into ecosystem-wide early warning.

“This release is a direct response to how fast the threat landscape is moving,” said Jae Hossell, CTO of Approov. “We’ve expanded the edge network, automated threat intelligence sharing for enterprise SOCs, and made deploying new security policies entirely risk-free. Security teams shouldn’t have to choose between reacting quickly and protecting their users’ experience.”

Looking Ahead: HarmonyOS Readiness

The release also activates backend support for Huawei’s HarmonyOS platform, now in internal validation, positioning Approov to deliver enterprise-grade protection ahead of the platform’s full market expansion.

Availability

The Approov 2026 backend upgrade is rolling out automatically to all enterprise customers. Documentation for the new SIEM integration, gradual rollout, and automated secret rotation capabilities is available in the updated Approov CLI documentation. For more information, visit approov.com.

About Approov

Approov is a comprehensive runtime security solution for mobile apps and their APIs, protecting against automated attacks, credential stuffing, and API abuse. By verifying that every request comes from a genuine, untampered app running on a safe device, Approov stops attackers — human or AI — in their tracks while ensuring a frictionless experience for legitimate users.

Contacts

Media Contact:
Dan Chmielewski
Madison Alexander PR
949 231 2965
dchm@madisonalexanderpr.com

More News From Approov

Approov Turbocharges Global Security: Cloudflare Argo Smart Routing Halves Latency for Next-Gen Mobile Attestation

EDINBURGH, Scotland--(BUSINESS WIRE)--Approov, a leading provider of mobile app and API security solutions, today announced significant strategic expansion of its global network infrastructure, positioning its unique cloud-based mobile app and device attestation platform as the essential defense against rapidly evolving AI-based API threats. This expansion includes the deployment of Cloudflare's Argo Smart Routing technology across its multi-cloud network, which is supported by Amazon Web Servi...

Approov Launches Next Generation Attestation to Secure Mobile Apps Against Threats from AI and Meet New EU Regulations

EDINBURGH, Scotland--(BUSINESS WIRE)--Approov, the leader in mobile API security, today announced the launch of Approov 3.5, a significant platform update designed to protect businesses and their customers from a new wave of mobile threats. The release directly addresses security challenges posed by regulations like the EU’s Digital Markets Act (DMA) and the rise of sophisticated AI-driven attacks. The mobile landscape is changing dramatically. New rules are opening up app distribution beyond t...

Approov Closes £5M Series A Funding to Redefine Mobile App Security for the AI Era in Round Led by Maven Capital Partners

EDINBURGH, Scotland & PALO ALTO, Calif.--(BUSINESS WIRE)--Approov Limited, a leading innovator in mobile app and API security, has successfully closed a £5 million (US$ 6.7 million) Series A funding round. The investment, spearheaded by the Investment Fund for Scotland, managed by Maven Capital Partners (“Maven”), also saw participation from Souter Investments, and existing investors Lanza techVentures and Scottish Enterprise. This funding milestone enables Approov to bolster its Research &...
Back to Newsroom