Approov Runtime Application Self Protection (RASP) is a comprehensive mobile app and API security solution that operates at runtime across Android, iOS, and HarmonyOS platforms. It provides six core security capabilities: app attestation to verify app authenticity and device integrity, real-time threat intelligence for visibility into deployed app environments, dynamic certificate pinning to block Man-in-the-Middle (MitM) attacks with over-the-air pin updates, runtime secrets protection to eliminate hardcoded API keys and secrets from app binaries, API security to defend backend APIs against abuse, credential stuffing, fake botnet registrations, and DDoS attacks, and API shielding to detect unsafe client environments such as rooted/jailbroken devices, debuggers, emulators, and malicious frameworks. Integration is achieved via an SDK and networking interceptor model that automatically appends Approov tokens or secured API keys to API requests. Dynamic certificate pinning is applied automatically. App versions are registered using a command-line tool. Quickstart guides are available for a wide range of mobile development platforms including Android (Kotlin, Java), iOS (Swift, Objective-C), Flutter, React Native, Ionic, Cordova, MAUI, Xamarin, KMM, Unity, Mendix, and NativeScript.