Difference between revisions of "Projects/OWASP Mobile Security Project - Top Ten Mobile Risks"

From OWASP
Jump to: navigation, search
Line 17: Line 17:
 
|}
 
|}
 
</center>
 
</center>
=== About this list  ===
+
== About this list  ==
 
In 2013 we polled the industry for new vulnerability statistics in the field of mobile applications. What you see here is a result of that data and a representation of the mobile application threat landscape.  
 
In 2013 we polled the industry for new vulnerability statistics in the field of mobile applications. What you see here is a result of that data and a representation of the mobile application threat landscape.  
  
Line 30: Line 30:
  
  
=== Top 10 Mobile Risks - Re-Release Candidate 2014 v1.0 ===
+
== Top 10 Mobile Risks - Re-Release Candidate 2014 v1.0 ==
 
*[[Mobile_Top_10_2014-M1|M1: Weak Server Side Controls ]]  
 
*[[Mobile_Top_10_2014-M1|M1: Weak Server Side Controls ]]  
 
*[[Mobile_Top_10_2014-M2|M2: Insecure Data Storage ]]
 
*[[Mobile_Top_10_2014-M2|M2: Insecure Data Storage ]]
Line 43: Line 43:
  
  
=== Additional Information ===
+
== Project Leads, Credit, and Contributions ==
  
 
* ''' [[Mobile_Top_Contributions|Mobile Top Ten Contributions Page ]] '''
 
* ''' [[Mobile_Top_Contributions|Mobile Top Ten Contributions Page ]] '''
 +
 +
== Project Methodology ==
  
 
* '''We adhered loosely to the [https://www.owasp.org/index.php/Top_10_2013/ProjectMethodology OWASP Web Top Ten Project methodology]. '''
 
* '''We adhered loosely to the [https://www.owasp.org/index.php/Top_10_2013/ProjectMethodology OWASP Web Top Ten Project methodology]. '''
  
 +
== Archive ==
 
* The list below is the OLD release candidate v1.0 of the OWASP Top 10 Mobile Risks. &nbsp;This list was initially released on September 23, 2011 at Appsec USA. &nbsp;
 
* The list below is the OLD release candidate v1.0 of the OWASP Top 10 Mobile Risks. &nbsp;This list was initially released on September 23, 2011 at Appsec USA. &nbsp;
  
Line 54: Line 57:
 
*** The corresponding video can be found here: [http://www.youtube.com/watch?v=GRvegLOrgs0 VIDEO]
 
*** The corresponding video can be found here: [http://www.youtube.com/watch?v=GRvegLOrgs0 VIDEO]
 
*** [[Mobile_Top_10_2012|2011-12 Mobile Top Ten for archive purposes]]
 
*** [[Mobile_Top_10_2012|2011-12 Mobile Top Ten for archive purposes]]
 +
__NOTOC__

Revision as of 01:47, 30 January 2014


About this list

In 2013 we polled the industry for new vulnerability statistics in the field of mobile applications. What you see here is a result of that data and a representation of the mobile application threat landscape.


Our road-map for 2014 includes:

2014-01-26 20-23-29.png
  • More updates to the wiki content; including cross-linking to testing guides, more visual exercises, etc.
  • A PDF release.


This list is still a work in progress. We are small group doing this work and could use more help! If you are interested, please contact one of the project leads.


Top 10 Mobile Risks - Re-Release Candidate 2014 v1.0


Project Leads, Credit, and Contributions

Project Methodology

Archive

  • The list below is the OLD release candidate v1.0 of the OWASP Top 10 Mobile Risks.  This list was initially released on September 23, 2011 at Appsec USA.