Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guidance for Secure Authorization of Mobile Applications in the Corporate Environment



Athanasios T. Karygiannis, Stephen Quirolgico, Larry Feldman, Gregory A. Witte


This bulletin provides an overview of NIST Special Publication (SP) 800-163, "Vetting the Security of Mobile Applications." The NIST SP helps organizations understand the process for vetting the security of mobile applications, plan for the implementation of an app vetting process, develop app security requirements, understand the types of app vulnerabilities and the testing methods used to detect those vulnerabilities, and determine if an app is acceptable for deployment on the organization's mobile devices.
ITL Bulletin -


app vetting, apps, malware, mobile devices, security requirements, security vetting, smartphones, software assurance, software security, software testing, software vetting


Karygiannis, A. , Quirolgico, S. , Feldman, L. and Witte, G. (2015), Guidance for Secure Authorization of Mobile Applications in the Corporate Environment, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed July 14, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created March 19, 2015, Updated May 4, 2021