Around two weeks ago, we started a new initiative at Appknox. The intention was to start a collection of detailed articles about the various threats listed by the OWASP Top 10 Project. While we have been discussing the web so far, today we’ll also start a new collection on threats pertaining to mobile platforms.
Mobile has grown tremendously all across the globe. In certain regions like India and South-east Asia, there are more cellphones than people! Along with devices, mobile apps have also grown manifold. Suddenly, consumers are more confident with the convenience offered by their mobile phones. Whether you are at home, at the office, driving in your car or in a hotel room in another country – you can easily manage your work and personal data, bank online, shop for new clothes, travel and much more.
While this extreme level of growth and convenience is exciting, it has also brought with it an extreme number of security risks, as user credentials, bank data and other information flow freely between devices and backend systems all across the world.
Below, you’ll find the top 10 mobile security risks as defined by the OWASP Top 10 Project for Mobile. Understanding these risks can help you prepare your app and protect yourself, your data and your users. Starting next week, we will be discussing each threat in detail. For now, here are the most commonly found security threats in mobile:
- M1: Weak Server Side Controls
- M2: Insecure Data Storage
- M3: Insufficient Transport Layer Protection
- M4: Unintended Data Leakage
- M5: Poor Authorization and Authentication
- M6: Broken Cryptography
- M7: Client Side Injection
- M8: Security Decisions Via Untrusted Inputs
- M9: Improper Session Handling
- M10: Lack of Binary Protections
Follow us to stay updated about what you need to do to keep your mobile application safe from attacks.