Compliance
Compliance & standards mapping
Where Appsolid's Android protection and RASP map onto the major mobile-security standards — what it supports, and what stays your responsibility.
Note: This page is a mapping for orientation — not a claim of certification or verification. Secure coding and server-side controls remain your responsibility. Appsolid is an Android client-protection tool that supports some of these controls.
OWASP MASVS
MASVS is the industry standard for mobile app security verification. Its RESILIENCE group defines controls for apps that must resist reverse engineering and tampering — exactly the area Appsolid supports.
See the mappingMASVS-RESILIENCE
MASVS-RESILIENCE is the control group for resistance to reverse engineering and tampering. It's central for finance, gaming and other apps with high client-side threat — and it's where Appsolid's protection maps most directly.
See the mappingOWASP Mobile Top 10
A list of the ten most common mobile app risks. Appsolid helps mitigate the ones tied to the client binary and runtime — it does not address all ten.
See the mappingPCI MPoC
MPoC is the PCI standard for accepting payments on commercial off-the-shelf phones; it requires strong software protection and monitoring. Appsolid supports parts of those software-protection and on-device threat-monitoring requirements.
See the mappingNIST SSDF (800-218)
The SSDF defines secure practices across the development lifecycle. Appsolid supports its 'protect the software' (PW) and 'respond to vulnerabilities' (RV) practices at the post-build stage.
See the mappingNIST 800-163
800-163 sets out how organizations vet mobile apps. Appsolid strengthens a vetted app's resistance to reversing, tampering and runtime threats, and provides published validation evidence.
See the mapping