Nist Mobile Application Security Checklist

Corporation paul black and irena bojanova of nist the department of homeland security dhs and the department of justice doj.

Nist mobile application security checklist.

Mobile applications are an integral part of our everyday personal and professional lives. As both public and private organizations rely more on mobile applications ensuring that they are reasonably free from vulnerabilities and defects becomes paramount. Mobile applications have become an integral part of our everyday personal and professional lives. This paper outlines and details a mobile application vetting process.

National checklist program repository. Government repository of publicly available security checklists or benchmarks that provide detailed low level guidance on setting the security configuration of operating systems and applications. This publication is intended for users and developers of it product security configuration checklists. Finally special thanks to the defense advanced research projects agency darpa transformative applications transapps program for funding nist research in mobile app security vetting.

The original document january 2015 detailed the processes through which organizations evaluate mobile applications for cybersecurity vulnerabilities. As both public and private organizations rely more on mobile applications ensuring that are they reasonably freefrom vulnerabilities and defects becomes. This process can be used to ensure that mobile applications. This paper outlines and paramount details a mobile application vetting process.

Nist maintains the national checklist repository which is a publicly available resource that contains information on a variety of security configuration checklists for specific it products or categories of it products a security configuration checklist also called a lockdown hardening guide or benchmark is a series of instructions or procedures for configuring an it product to a. Nist special publication sp 800 163 revision 1 vetting the security of mobile applications is an important update to nist guidance on mobile application vetting and security. As both public and private organizations rely more on mobile applications securing these mobile applications from vulnerabilities and defects becomes more important. This paper outlines and details a mobile application vetting process.

For checklist users this document gives an overview of the nist checklist program explains how to retrieve checklists from nist s repository and provides general information about threat discussions and baseline. Mobile applications arean integ ral part of our everyday personal and professional lives. Containers provide a portable reusable and automatable way to package and run applications. The use of well written standardized checklists can.

Application container technologies also known as containers are a form of operating system virtualization combined with application software packaging.