nowsecure / secure-mobile-development

A Collection of Secure Mobile Development Best Practices
https://books.nowsecure.com/secure-mobile-development/en/
Other
557 stars 123 forks source link
android apple best-practices gitbook ios mobile-security nowsecure secure-development

Secure Mobile Development

At NowSecure we spend a lot of time attacking mobile apps - hacking, breaking encryption, finding flaws, penetration testing, and looking for sensitive data stored insecurely. We do it for the right reasons - to help developers make their apps more secure. This document represents some of the knowledge we share with our clients and partners. We are driven to advance mobile app security worldwide.

Using this Guide

This guide gives specific recommendations to use during your development process. The descriptions of attacks and security recommendations in this report are not exhaustive or perfect, but you will get practical advice that you can use to make your apps more secure.

We revise our best practices periodically and invite contributions, and the updated guide is published here as changes are accepted into the main repository.

To learn about all the vectors that attackers might use on your app, read our Mobile Security Primer.

Categories

We categorize our Secure Mobile Development Best Practices under eight topics. You can find a complete table of contents here

Technology Stack

The book is written with GitBook.

Contributing

We revise our best practices periodically and invite contributions, and the updated guide is published here as changes are accepted into the main repository.

We welcome contributions from knowledgeable developers and security professionals. All contributors must read our Contributing page and accept the terms in their Pull Requests. Please follow the template and format provided if you do contribute.

We publish this guide under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

We will review contributions and periodically publish updated recommendations. If you have questions or feedback please let us know.

Instructions

First fork this repository, make your changes and submit them back to this repository as a Pull Request. If you are unfamiliar with this process, please read the GitHub User Documentation.

Adding a Best Practice

TBD