[Owasp-leaders] Mobile Device Insecure Third Party Components

Bill Sempf bill.sempf at owasp.org
Fri Feb 5 21:33:51 UTC 2016


I received a question from a colleague about components of mobile apps and
wondered if any other leaders had any insight.

"I'm putting together a summary of our mobile apps, trying to highlight the
fact that the majority of our apps have not been updated (based upon
Published Date or Date of Last update, whichever is later) since 2014.
Granted that date doesn't necessarily mean that's the last time the code
was looked at, so I'll admit to making some generalizations. What I'm
hoping for is a quotable reference that says mobile code should be reviewed
on at least an annual/quarterly/whatever-the-best-practice-is basis."

I didn't have an answer for him. I thought dependency check might do the
component checking, but I had no idea if there was an OWASP project around
mobile component management.  Any input?

Thanks!

S
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20160205/ef24927f/attachment.html>


More information about the OWASP-Leaders mailing list