The National Institute of Standards and Technology issued its updated guidance on mobile application vetting and security that allows organizations to explore new resources to secure apps. On Friday the revised 2015 Vetting the Security of Mobile Applications document was published, assisting organizations with assessment of mobile applications for cybersecurity vulnerabilities.
Agencies can now use data from the National Information Assurance Partnership, the Open Web Application Security Project, the MITRE Corp and NIST to determine requirements for mobile app security. The document also details how to identify vulnerabilities and how agencies can integrate the process into its general security posture.
The revision “goes into a greater—and updated—exploration of the current threat landscape facing mobile apps,” according to an NIST statement. “Furthermore, it includes and aligns itself with current guidelines and recommendations being made by both industry and other federal partners.”