Definition[]
An app vetting process is
“ | [t]he process of verifying that an app meets an organization's security requirements. An app vetting process comprises app testing and app approval/rejection activities.[1] | ” |
Overview[]
"An app vetting process is a sequence of activities that aims to determine if an app conforms to the organization's security requirements. This process is performed on an app after the app has been developed and released for distribution but prior to its deployment on an organization's mobile device. Thus, an app vetting process is distinguished from software assurance processes that may occur during the software development life cycle of an app. Note that an app vetting process typically involves analysis of an app’s compiled, binary representation but can also involve analysis of the app's source code if it is available."[2]
References[]
- ↑ NIST Special Publication 163, Glossary, at 32.
- ↑ Id. at 2.