The drive towards mobile applications has opened up questions of security. Mobile apps typically connect over the Internet to Web Services for their data, thus raising security concerns not only for the mobile application itself, but also the Web Services which it accesses for its data. How do organizations protect against attackers trying to reverse engineer or otherwise attack the mobile application, or attack the Web Services feeding it data? What if malicious mobile applications are placed in app “markets” and installed by unwary employees? What about attacks on the Web Services include data harvesting, eavesdropping on data, and denial-of-service