Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.


Tom Karygiannis: NIST Mobile App Vetting Guide Details Testing Methods

1 min read

mobile securityThe National Institute for Standards and Technology is seeking comments from the public on the agency’s new draft guidelines on how to test mobile applications for potential privacy and security risks to the network or organization.

NIST said Wednesday the “Technical Considerations for Vetting 3rd Party Mobile Applications” document covers test requirements, tools and techniques used in vetting apps, software assurance issues, sample findings and security weaknesses of apps.

Tom Karygiannis, a NIST computer scientist, said the guide “describes tests that allow software security analysts to discover and understand vulnerabilities and behavior before the app is approved for use.”

Tests should also be based on the organizations that will deploy the apps as well as their particular security requirements, user environment and context of use, NIST said.

The agency added that users should balance the benefit of apps to employee productivity with the potential vulnerabilities they bring to sensitive and personal data.

The draft guidance also recommends organizations to train employees on mobile app security and privacy issues, create a mobile app vetting system and implement vetting throughout the app life cycle.

NIST will accept comments through Sept. 18.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology

Leave a Reply

Your email address will not be published.