1. Open Web Application Security Project (OWASP)
1.1. Mobile Application Security Verification Standard (MASVS)
1.1.1. 1.9 MSTG-ARCH-9
1.1.2. 5.6 MSTG-NETWORK-6
1.2. Application Security Verification Standard 4.0.3 (ASVS)
1.2.1. V1.14 Configuration Architecture
1.2.2. V10.3 Application Integrity
1.2.3. V14.2 Dependency
2. ioXt Alliance
2.1. Mobile Application Profile
2.1.1. 4.5. Verified Software VS1
2.1.2. 4.6. Security by Default SD115
2.1.3. 4.8. Automatically Applied Updates AA1
2.1.4. 4.8. Automatically Applied Updates AA2
2.1.5. 4.8. Automatically Applied Updates AA3
2.1.6. 4.8. Automatically Applied Updates AA4
2.1.7. "4.10. Security Expiration Date SE1.1"
2.1.8. "4.10. Security Expiration Date SE1.2"
3. US National Institute of Standards and Technology (NIST)
3.1. NIST Special Publication 800-190
3.1.1. 4.5.3 Host OS component vulnerabilities
3.1.2. 6.4 Operations and Maintenance Phase
4. National Information Assurance Partnership (NIAP)
4.1. Requirements for Vetting Mobile Apps from the Protection Profile for Application Software
4.1.1. Integrity for Installation and Update FPT_TUD_EXT.1.1
4.1.2. Integrity for Installation and Update FPT_TUD_EXT.1.5
4.1.3. Security Assurance Requirements ATE_IND.1.2E
4.1.4. Security Assurance Requirements AVA_VAN.1.1C
5. APPLE
5.1. Developer Security
5.1.1. Secure Code Updating Mac Software Overview
5.1.2. Secure Code Updating Mac Software Update Files that Include Signed Code
5.1.3. Secure Code Updating Mac Software Check Third-Party Software Updaters
6. GOOGLE
6.1. Core app quality
6.1.1. PS-T1
6.1.2. PS-T2
6.1.3. PS-T3
6.1.4. PS-T4
6.2. App Security Best Practices
6.2.1. Keep services and dependencies up-to-date
6.2.2. Keep services and dependencies up-to-date Check the Google Play services security provider
6.2.3. Keep services and dependencies up-to-date Update all app dependencies