Research Brief: Cloud Security Alliance Mobile Working Group Releases Mobile Application Testing Initiative Report
New Effort to Help Organizations and Individuals Reduce Possible Risk Exposure and Security Threats in Using Mobile Applications
Seattle, WA – July 28, 2016 – The Cloud Security Alliance (CSA) today announced the release of a new whitepaper from the CSA Mobile Working Group on a new initiative to support the mobile application security testing community. The Mobile Application Security Testing Initiative report strives to lay out the roadmap for establishing a more secure cloud ecosystem to protect mobile applications.
Mobile applications have become an indispensable part of all organizations today. With the emergence of cloud computing technology, organizational reinforcement is needed to adapt to this fundamental change. Cloud computing enables real-time use of applications and simultaneously provides the enterprise with enormous flexibility. Accompanied by the convenience and with the inclusion of applications, security problems result from the lack of transparency and present challenges to risk management.
“This is an important initiative for the cloud community as it strives to create a more secure cloud ecosystem to protect mobile applications,” said Douglas Lee, co-Chair of the CSA Mobile Application Testing Initiative and Head, Solutions Architecture, Strategic ISV Partners at Amazon Web Services. “Beyond security testing and vetting, we will also look to develop processes and procedures for security incidence response so as to provide a holistic approach to mobile application security testing.”
The report details the issues of mobile app vetting from a life-cycle perspective, mobile app development management, mobile app coding, and audit management security issues. The group then plans to create an assessment and certification scheme white paper based on NIST special publication 800163: “Vetting the Security of Mobile Applications” and also set up a vetting plan for a mature model and mobile apps security. Also planned is the establishment of a vetting plan for mobile apps and guidance to allocate resources to resolve potential security problems or certification-period incidents.
The CSA Mobile Application Testing Initiative is co-chaired by Eric Wang, Chief Advisor at Gapertise along with Douglas Lee and is responsible for providing fundamental research to help secure mobile endpoint computing from a cloud-centric vantage point. Individuals interested in volunteering to contribute to mobile application security testing project should contact the leadership team at [email protected]
To access the full report visit: https://cloudsecurityalliance.org/download/mobile-application-security-testing/
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
Kari Walker for the CSA
Share this content on your favorite social network today!
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.