27 Sep, 2011

OWASP Top 10 Mobile Risks

by Jack Mannino

The OWASP Top 10 Mobile Risks were presented last week at the OWASP Appsec USA conference in Minneapolis, Minnesota.  This is a list of the most prevalent and dangerous risk areas in mobile application development today.  Including myself (Jack Mannino), the presentation was given along with Zach Lanier from Intrepidus Group, and Mike Zusman from Carve Systems.

You can find the slides here:  http://www.slideshare.net/JackMannino/owasp-top-10-mobile-risks

To be clear, a Top 10 list is merely a start rather than a comprehensive set of risks and compensating controls.  Our goal is to raise visibility into some of these problems, and help developers understand these issues in order to reduce their prevalence and impact in real-world applications.

Currently, this is a  release candidate  list.  A lot can still change before it gets the green light as  final.

If you are interested in contributing to the OWASP Mobile Security Project, please feel free to get in touch with me or anyone else involved with project leadership.

-Jack