Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX


NIST Publishes Mobile App Security Recommendations

The report says enterprises shouldn't trust that app stores have done a good job checking the security of the apps they make available.




How to Help Your Business Become an AI Early Adopter

The National Institute of Standards and Technology (NIST) has released a new report titled "Vetting the Security of Mobile Applications." The report urges enterprises to put apps through a "vetting" process that includes security testing before allowing employees to use them.

"This process is performed on an app after the app has been developed and released for distribution but prior to its deployment on an organization’s mobile device," the NIST wrote. "An app vetting process acknowledges the concept that someone other than the software vendor is entitled to evaluate the software’s behavior, allowing organizations to evaluate software in the context of their own security policies, planned use, and risk tolerance."

The report points out that the mobile development industry hasn't always done a good job with security, and says that enterprises shouldn't rely on app stores or other third parties to verify security. It details the types of vulnerabilities enterprise testers should look for as well as the kind of tests that can find them.

View article

Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date