It wasn’t long ago that being on the cutting edge of business meant having a website where customers could purchase your products, but that quickly changed. Soon, it wasn’t enough just to have an e-commerce presence; you had to offer an interactive and engaging customer experience (see Web 2.0).
Now the standard has shifted once again; in order to truly compete in the modern economy, your business needs to have a mobile storefront on smart phones and tablets. Without this mobile presence, you’ll lose business to competitors who have them.
With this new challenge comes high risk as well as great reward. With mobility, the client side of your applications is more important than ever. Instead of accessing your website from the safe confines of work or home, your customers can now perform sensitive transactions anywhere. As a result, mobile applications, and the devices and data they interact with, can now be more easily attacked.
Attackers will probe all components of your application for vulnerabilities, and the only question is whether you will find them first. This paper highlights the various considerations for defending mobile applications—from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.