{"id":2108,"date":"2011-11-17T13:02:28","date_gmt":"2011-11-17T07:32:28","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=2108"},"modified":"2011-11-29T13:08:55","modified_gmt":"2011-11-29T07:38:55","slug":"owasp-top-10-mobile-risks-%e2%80%93-part-1","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/owasp-top-10-mobile-risks-%e2%80%93-part-1\/","title":{"rendered":"OWASP &#8216;Top 10 Mobile Risks&#8217; \u2013 Part 1"},"content":{"rendered":"<p style=\"text-align: justify\">OWASP (Open Web Application Security Project) has come up with a list of the top 10 risks for mobile technology. This list is in the \u2018beta\u2019 stage. The list, released on 23<sup>rd<\/sup> September 2011, has been under a 60-day review period and is due for a final version release any time. When released, this will be the first official version of the OWASP top 10 for mobile applications. \u00a0The current list of OWASP Top 10 Mobile Risks (Release candidate) is reproduced below:<!--more--><\/p>\n<ol>\n<li>Insecure Data Storage<\/li>\n<li>Weak Server Side Controls<\/li>\n<li>Insufficient Transport Layer Protection<\/li>\n<li>Client Side Injection<\/li>\n<li>Poor Authorization and Authentication<\/li>\n<li>Improper Session Handling<\/li>\n<li>Security Decisions Via Untrusted Inputs<\/li>\n<li>Side Channel Data Leakage<\/li>\n<li>Broken Cryptography<\/li>\n<li>Sensitive Information Disclosure<\/li>\n<\/ol>\n<p style=\"text-align: justify\">The above list of risks is platform agnostic. Also, the OWASP project team working on the \u2018Top 10\u2019 has changed its approach from a \u2018Vulnerability\u2019 centric list to a \u2018Risk\u2019 centric list.\u00a0 When OWASP releases the final version of this list, the IT security fraternity will see a clear mobile security roadmap emerge. In the next part, we shall look into what each of these risks means. 
In the final part of this series of OWASP top 10, we shall look into the Top 10 mobile controls recommended by OWASP.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>OWASP (Open Web Application Security Project) has come up with a list of the top 10 risks for mobile technology. This list is in the \u2018beta\u2019 stage. The list, released on 23rd September 2011, has been under a 60-day review period and is due for a final version release any time. When released, this will be &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/qadit.com\/blog\/owasp-top-10-mobile-risks-%e2%80%93-part-1\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;OWASP &#8216;Top 10 Mobile Risks&#8217; \u2013 Part 1&#8221;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[113,145],"class_list":["post-2108","post","type-post","status-publish","format-standard","hentry","category-itsec","tag-mobile-security","tag-owasp"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-y0","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2108","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/
types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=2108"}],"version-history":[{"count":0,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/2108\/revisions"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=2108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=2108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=2108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}