This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Projects/OWASP Mobile Security Project - Top Ten Mobile Risks
From OWASP
Revision as of 13:53, 2 July 2012 by Jack Mannino (talk | contribs)
About this list
The list below is release candidate v1.0 of the OWASP Top 10 Mobile Risks. This list was initially released on September 23, 2011 at Appsec USA. A call for volunteers will be released in the July 2012 timeframe for an annual refresh of the Top 10 Mobile Risks.
The original presentation can be found here: www.slideshare.net/JackMannino/owasp-top-10-mobile-risks
Top 10 Mobile Risks, Release Candidate v1.0
- Insecure Data Storage
- Weak Server Side Controls
- Insufficient Transport Layer Protection
- Client Side Injection
- Poor Authorization and Authentication
- Improper Session Handling
- Security Decisions Via Untrusted Inputs
- Side Channel Data Leakage
- Broken Cryptography
- Sensitive Information Disclosure