The same Web security rules apply regardless of the client being used. The good news is that exploitation via phone is not quite as easy or convenient. The bad news is that the mobile-centric pages are still accessible to everyone on the Web. The best recommendation is to find and fix the flaws in your existing code before your port it over to the mobile world. For those who've already gone mobile be sure to include the mobile code in your security testing. Even though it may look the same there could be some nuances that lead to security flaws.
Here are some articles I can recommend for testing rich internet applications, Web 2.0 and other online security concerns:
Dig Deeper on Topics Archive
Related Q&A from Kevin Beaver
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.