{
  "name": "OWASP Mobile Top 10 (2016)",
  "description": "Top 10 most critical mobile application security risks.",
  "enabled_fields": [
    "references"
  ],
  "status_choices": [
    "Not Tested",
    "Out of scope",
    "Fail",
    "Partial",
    "Pass"
  ],
  "categories": [
    ""
  ],
  "items": [
    {
      "order": 1,
      "name": "Improper Platform Usage",
      "reference": "M1",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m1-improper-platform-usage>https://owasp.org/www-project-mobile-top-10/2016-risks/m1-improper-platform-usage</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 2,
      "name": "Insecure Data Storage",
      "reference": "M2",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m2-insecure-data-storage>https://owasp.org/www-project-mobile-top-10/2016-risks/m2-insecure-data-storage</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 3,
      "name": "Insecure Communication",
      "reference": "M3",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m3-insecure-communication>https://owasp.org/www-project-mobile-top-10/2016-risks/m3-insecure-communication</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 4,
      "name": "Insecure Authentication",
      "reference": "M4",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m4-insecure-authentication>https://owasp.org/www-project-mobile-top-10/2016-risks/m4-insecure-authentication</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 5,
      "name": "Insufficient Cryptography",
      "reference": "M5",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography>https://owasp.org/www-project-mobile-top-10/2016-risks/m5-insufficient-cryptography</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 6,
      "name": "Insecure Authorization",
      "reference": "M6",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m6-insecure-authorization>https://owasp.org/www-project-mobile-top-10/2016-risks/m6-insecure-authorization</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 7,
      "name": "Client Code Quality",
      "reference": "M7",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m7-client-code-quality>https://owasp.org/www-project-mobile-top-10/2016-risks/m7-client-code-quality</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 8,
      "name": "Code Tampering",
      "reference": "M8",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m8-code-tampering>https://owasp.org/www-project-mobile-top-10/2016-risks/m8-code-tampering</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 9,
      "name": "Reverse Engineering",
      "reference": "M9",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m9-reverse-engineering>https://owasp.org/www-project-mobile-top-10/2016-risks/m9-reverse-engineering</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    },
    {
      "order": 10,
      "name": "Extraneous Functionality",
      "reference": "M10",
      "category": "",
      "description": "",
      "subcategory": "",
      "level": "",
      "references": "<a href=https://owasp.org/www-project-mobile-top-10/2016-risks/m10-extraneous-functionality>https://owasp.org/www-project-mobile-top-10/2016-risks/m10-extraneous-functionality</a><br>",
      "riskrating": "",
      "notes": "",
      "guide": ""
    }
  ]
}