Verifying Mobile App Security Using the OWASP Checklist

Even though modern mobile operating systems like iOS and Android are arguably more secure by design compared to traditional Desktop operating systems, there's still a lot of things that can go wron...

The OWASP MASVS: A Community Effort To Fix Mobile AppSec

Technological revolutions can happen quickly. Less than a decade ago, smartphones were clunky devices with little keyboards: Expensive playthings for tech-savvy business users. Today, smartphones a...

Does Security by Obscurity Work?

No, it doesn't. This is what common security wisdom says and I belonged to that school of thought for most of my security expert life. That said, in the 2000s I did my fair share of malware analysi...

The OWASP MSTG: Towards a Standard Methodology for Mobile App Security Testing

The software security testing landscape has changed. A few years ago, we were testing web apps, web apps and... more web apps. Some of us already got a little bored with testing all those web apps....