This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Projects/OWASP Mobile Security Project - Top Ten Mobile Risks
From OWASP
Revision as of 23:54, 23 January 2013 by Jason Haddix (talk | contribs)
About this list
The list below is release candidate v1.0 of the OWASP Top 10 Mobile Risks. This list was initially released on September 23, 2011 at Appsec USA. A call for volunteers will be released in the July 2012 timeframe for an annual refresh of the Top 10 Mobile Risks.
The original presentation can be found here: www.slideshare.net/JackMannino/owasp-top-10-mobile-risks
Top 10 Mobile Risks, Release Candidate v1.0
- M1: Insecure Data Storage
- M2: Weak Server Side Controls
- M3: Insufficient Transport Layer Protection
- M4: Client Side Injection
- M5: Poor Authorization and Authentication
- M6: Improper Session Handling
- M7: Security Decisions Via Untrusted Inputs
- M8: Side Channel Data Leakage
- M9: Broken Cryptography
- M10: Sensitive Information Disclosure
