In the software development circles I travel in, the topic of adding a
mobile channel onto existing application/system infrastructure has
come up a bunch recently. With regard to threat modeling, a ‘move to
mobile’ represents an ideal opportunity to revisit threat modeling. I
don’t necessarily prescribe threat modeling for well-known system
archetypes (such as classic n-tier) and technology stacks as much as when
teams attempt new and lesser known architectures.
The natural question: how do my threats change when I bring a mobile
channel into my existing application? I've written a blog entry on
the topic which is by no means exhaustive, but that represents--I
think--a good start on identifying new threats. Read more here:
http://goo.gl/TZ6C5
-jOHN