Date Published: July 2018
Comments Due:
Email Questions to:
Author(s)
Michael Ogata (NIST), Joshua Franklin (NIST), Jeffrey Voas (NIST), Vincent Sritapan (DHS), Stephen Quirolgico (DHS)
Announcement
Draft Special Publication (SP) 800-163 Revision 1 updates a process for vetting mobile applications. This process can be used to ensure that mobile apps conform to an organization's security requirements and are reasonably free from vulnerabilities.
Revision 1 updates this publication to address changes in the mobile landscape. Guidance has been expanded to better define the app vetting process as a whole, while providing greater detail about the roles, capabilities, and strategies of mobile application testing. Security requirements and references have been added to aid organizations in defining their own app vetting policy. Finally, a brief discussion of the mobile app threat landscape is included to better contextualize the need for app vetting.
Mobile applications have become an integral part of our everyday personal and professional lives. As both public and private organizations rely more on mobile applications, securing these mobile applications from vulnerabilities and defects becomes more important. This paper outlines and details a mobile application vetting process. This process can be used to ensure that mobile applications conform to an organization’s security requirements and are reasonably free from vulnerabilities.
Mobile applications have become an integral part of our everyday personal and professional lives. As both public and private organizations rely more on mobile applications, securing these mobile applications from vulnerabilities and defects becomes more important. This paper outlines and details a...
See full abstract
Mobile applications have become an integral part of our everyday personal and professional lives. As both public and private organizations rely more on mobile applications, securing these mobile applications from vulnerabilities and defects becomes more important. This paper outlines and details a mobile application vetting process. This process can be used to ensure that mobile applications conform to an organization’s security requirements and are reasonably free from vulnerabilities.
Hide full abstract
Keywords
app vetting; app vetting system; malware; mobile applications; mobile security; niap; security requirements; software assurance; software vulnerabilities; software testing
Control Families
Planning; Risk Assessment; System and Communications Protection
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
