Best Practices
About the MASTG Best Practices
The MASTG Best Practices are a collection of specific strategies and practices that can be used to prevent or mitigate security and privacy risks in mobile apps.
Each Best Practices is designed to be simple and focused and may apply to one or multiple tests in the MASTG.
| ID | Title | Platform |
|---|---|---|
| MASTG-BEST-0008 | Debugging Disabled for WebViews | |
| MASTG-BEST-0010 | Use Up-to-Date minSdkVersion | |
| MASTG-BEST-0003 | Comply with Privacy Regulations and Best Practices | |
| MASTG-BEST-0009 | Use Secure Encryption Algorithms | |
| MASTG-BEST-0005 | Use Secure Encryption Modes | |
| MASTG-BEST-0001 | Use Secure Random Number Generator APIs | |
| MASTG-BEST-0011 | Securely Load File Content in a WebView | |
| MASTG-BEST-0012 | Disable JavaScript in WebViews | |
| MASTG-BEST-0002 | Remove Logging Code | |
| MASTG-BEST-0013 | Disable Content Provider Access in WebViews | |
| MASTG-BEST-0007 | Debuggable Flag Disabled in the AndroidManifest | |
| MASTG-BEST-0006 | Use Up-to-Date APK Signing Schemes | |
| MASTG-BEST-0004 | Exclude Sensitive Data from Backups |