Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

NIST Publishes Mobile App Security Recommendations

The report says enterprises shouldn't trust that app stores have done a good job checking the security of the apps they make available.


advertisement

The National Institute of Standards and Technology (NIST) has released a new report titled "Vetting the Security of Mobile Applications." The report urges enterprises to put apps through a "vetting" process that includes security testing before allowing employees to use them.

"This process is performed on an app after the app has been developed and released for distribution but prior to its deployment on an organization’s mobile device," the NIST wrote. "An app vetting process acknowledges the concept that someone other than the software vendor is entitled to evaluate the software’s behavior, allowing organizations to evaluate software in the context of their own security policies, planned use, and risk tolerance."

The report points out that the mobile development industry hasn't always done a good job with security, and says that enterprises shouldn't rely on app stores or other third parties to verify security. It details the types of vulnerabilities enterprise testers should look for as well as the kind of tests that can find them.



View article



   
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
Thanks for your registration, follow us on our social networks to keep up-to-date