In order to fully address the inherent threats of mobile devices, a wider view of the mobile ecosystem is necessary. This repository contains the Mobile Threat Catalogue, which describes, identifies, and structures the threats posed to mobile information systems. The associated report providing context and describing the origins of this repository is available here: NISTIR 8144: Assessing Threats to Mobile Devices & Infrastructure.

Readers of the catalogue may notice threats that are not tied to a documented source or lack countermeasures, and other threats may exist that are not identified here. This catalogue is intended as a living document. Though the initial comment period is now closed, feedback on mobile threats addressed in the catalogue as well as ideas for additional threats are still encouraged.