"Under the Promise of Early Success, CISA Expands its Beta Mobile App Vetting Service"

Mobile devices are essential to day-to-day operations, and their increasing use in government provides more than convenience. However, this connectivity has also widened the threat landscape, leaving the government vulnerable to malicious apps that could compromise the security of its systems. The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) is expanding access to the Mobile App Vetting (MAV) service for this reason. On February 8, 2023, CISA granted MAV an Authorization to Operate (ATO), recognizing the service's critical role in countering a growing risk of mobile app vulnerabilities to Federal Civilian Executive Branch (FCEB) agencies. In the following months, many agencies will experience MAV's capabilities for the first time. A few early adopters are already well-versed in its utility. Early in 2022, when Customs and Border Protection (CBP) needed an improved app-vetting ability to bolster its mobile security, it turned to MAV to meet its requirements. CBP currently uses MAV to vet its library of mobile apps for security vulnerabilities before deployment on the component's smartphones and tablets. CBP launched vetting efforts for a third-party COVID-19 contact-tracing app. MAV was able to identify flaws inherent to the iOS version of the app. This discovery forced CBP to cancel the deployment of the app, thereby protecting the security and integrity of its mobile devices. This article continues to discuss CISA's expansion of its MAV service.

CISA reports "Under the Promise of Early Success, CISA Expands its Beta Mobile App Vetting Service"