Before we examine in detail the threats facing your app, it’s worth exploring what attackers are actually targeting. We’ll also share some fundamental principles of mobile application protection.

Attackers target assets. And we can categorize these assets into three main types:

  • Internal data and intellectual property (IP)
  • Restricted functionalities
  • Sensitive user data

During the course of this guide we’ll focus on these assets, how attackers attempt to access and exploit them, and how you can prevent them from doing so.

Identifying how attackers seek to achieve their objectives will go a long way in helping you to create a threat model, which we’ll also cover in this section. Carry out this foundational process and you can put your app in a stronger position to defend itself against attacks of all kinds. To that end, we’ll also introduce what we consider to be the crucial four layers of mobile application protection.

In this section