Mobile Threat Catalogue

Home

In order to fully address the inherent threats of mobile devices, a wider view of the mobile ecosystem is necessary. This repository contains the Mobile Threat Catalogue, which describes, identifies, and structures the threats posed to mobile information systems. The associated report providing context and describing the origins of this repository is available here: NISTIR 8144: Assessing Threats to Mobile Devices & Infrastructure.

Readers of the catalogue may notice threats that are not tied to a documented source or lack countermeasures, and other threats may exist that are not identified here. This catalogue is intended as a living document. Though the initial comment period is now closed, feedback on mobile threats addressed in the catalogue as well as ideas for additional threats are still encouraged.

Privacy Policy | Security Notice | Accessibility Statement | Disclaimer | Send Feedback
Each organization is unique in its risk posture and cybersecurity needs. Mobile device users should consult with their organization’s security team before implementing mitigations or resolutions outlined on this website to avoid potential conflicts with their organization's processes or environments.