O'Reilly logo

Mobile Application Penetration Testing by Vijay Kumar Velu

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Threat modeling a mobile application

A structured task for identifying and evaluating the threats and vulnerabilities of an application is called threat modeling; in simple terms, What could possibly go wrong with my app? This becomes the problem statement for creating the threat model.

In our case, we will look at what could possibly go wrong with our mobile app. There is no straightforward method of creating a model or a proven threat model, particularly for mobile applications.

Note

OWASP has created a sample threat model, which can be found at https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Mobile_Threat_Model#Controls

In order to understand the possible threats to a mobile app, it is necessary to define the information ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required