Whitepaper: Secure Mobile Application Development Reference

Helping Developers Write More Secure Mobile Applications

Writing mobile applications is not an easy feat. Few do it well and even fewer write mobile applications in a secure fashion so that they can protect sensitive data and calculations when published to app stores. In most organizations, the people that worry about the security of applications live in the security department, not the application development group.

Denim Group authored the Secure Mobile Application Development Reference as both a technical resource and to facilitate discussions between the security team and the mobile developers at your organization.

Written by Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As Chief Technology Officer and Principal at Denim Group, he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. Learn more about Dan >>

Follow Dan Cornell on Twitter: @danielcornell
Follow Denim Group on Twitter: @denimgroup

This guide characterizes the many aspects of mobile development that involve security, including:

  • The differences between the iOS and Android security architectures.
  • How mobile and web development threat models differ.
  • The challenge of automated testing on mobile code for both platforms. There is no substitute for having a security architect review the architecture of a mobile application in development.

How this Paper Helps the Application Security Manager

This paper is designed to help the Application Security Manager make substantial progress communicating security needs to the development team.

First, it will help give the manager a better understanding of the security differences of the two major mobile platforms, iOS and Android. The ways both platforms implement security controls is vastly different, and these differences are the first step in better understanding where to chart security improvements.

Second, and perhaps more importantly, the manager can hand this guide to the mobile developer to implement security controls that are important to the organization.

How this Paper Helps the Developer

This reference guide will provide developers with a deeper understanding of the security architecture of the two main mobile development platforms, namely iOS and Android. By understanding the key security differences in both platforms, developers can better implement security controls and have a more productive conversation with security colleagues.


Download Secure Mobile Application Development Reference

Thank you for your interest in this whitepaper. Please submit the form below to access the document.

( * Denotes Required Field)

First Name: *     
Last Name: *
Work Email: *
Company: *