Mobile Application Threat Modeling
You are a cyber threat analyst at a mobile applications company. One morning, your supervisor, Dan, tells you about a mobile application security project that is already under way, but needs more guidance. Because of your success on previous projects, he wants your help.
Your expertise and oversight will enable the mobile app team to meet its approaching deadline. “Mobile applications and their security are on the technology roadmap for our organization. Of course, this means we need to be well-informed of mobile application security management,” Dan says.
“Without the proper threat modeling, leadership can’t be sure of the issues that lie ahead. I want you to oversee the project and manage the team,” Dan says. “We’d also like you to contribute to this project by preparing a report for senior management.” The report should include threat models to this technology as well as remediation for management to consider. The report should give senior management a greater understanding of mobile application security and its implementation.
Your report should consist of the following sections: mobile application architecture, mobile data, threat agent identification, methods of attack, and possible controls. The goal is to convince senior managers that your proposals will benefit the company. If you succeed, leadership will move forward with its plan for mobile applications. The report is due in two weeks.
- Threat Model Report: An eight- to 10-page double-spaced Word document with citations in APA format. The report should include your findings and any recommendations for mitigating the threats found. The page count does not include figures, diagrams, tables, or citations.