Mobile Threat Catalogue

Current Status

Though the official comment period on The Mobile Threat Catalogue has closed, this is living document and we continue to appreciate your feedback. For ease of use, we have included an Interagency Report providing context and background information.

Sign up for email alerts from the NCCoE to receive updates on our Mobile Device Security projects. If you have questions or would like to join our Community of Interest, please email the project team at mobile-nccoe@nist.gov.

Summary

Mobile devices pose a unique set of threats to enterprises. Typical enterprise protections, such as isolated enterprise sandboxes and the ability to remote wipe a device, may fail to fully mitigate the security challenges associated with these complex mobile information systems. With this in mind, a set of security controls and countermeasures that address mobile threats in a holistic manner must be identified, necessitating a broader view of the entire mobile security ecosystem. This view must go beyond devices to include, as an example, the cellular networks and cloud infrastructure used to support mobile applications and native mobile services.

The Mobile Threat Catalogue identifies threats to mobile devices and associated mobile infrastructure to support development and implementation of mobile security capabilities, best practices, and security solutions to better protect enterprise IT. Threats are divided into broad categories, primarily focused upon mobile applications and software, the network stack and associated infrastructure, mobile device and software supply chain, and the greater mobile ecosystem. Each threat identified is catalogued alongside explanatory and vulnerability information where possible, and alongside applicable mitigation strategies.

Join Our Community of Interest

Interested in joining the Mobile Threat Catalogue Community of Interest? Contact us!

A Community of Interest is a group of professionals and technical advisors convened to support the cybersecurity resiliency of the U.S. economy. Read More.

News and Events