Mobile app vetting is the process of auditing and verifying mobile applications to guarantee they meet certain security, functionality, and usability requirements. The mobile app vetting evaluation may involve several stages, such as:
1. Initial Screening: This requires a preliminary review of the app to guarantee it meets basic requirements for submission, such as having an obvious purpose, abiding by guidelines and regulations, and not containing malicious code.
2. Testing: The app is thoroughly tested to detect bugs, glitches, or vulnerabilities. Testing could include functional testing, performance testing, and security testing.
3. Approval: Once an app has passed all tests and meets all requirements, it can be approved for release on the app store.
4. Monitoring: After release, the app may continue to be monitored for any potential issues, such as security breaches or user complaints.
The specific mobile app vetting process may differ depending on the platform and app store, but it should always guarantee that mobile apps are secure for users to download and use. The use of mobile app vetting is recommended by the Continuous Diagnostics and Mitigation (CDM) Program, in the NIST SPECIAL PUBLICATION 800-124 rev2 guidelines for managing the security of mobile devices in the enterprise, and as a part of Cybersecurity and Infrastructure Security Agency (CISA) Zero Trust maturity model.
Zimperium’s z3A vets mobile apps and provides deep intelligence, including contextual analysis and privacy and security ratings.