This document discusses securing mobile applications. It begins with an overview of threats to mobile platforms and how they have created opportunities for hackers. It then discusses understanding the risks with a mobile threat model showing different attack vectors. The key threats identified are insecure data storage, insufficient transport layer security, and client side injection. It provides examples of these threats and how they are commonly exploited. Finally, it discusses defending mobile applications with design principles and approaches like assuming the client is compromised, connecting to untrusted networks, and an untrusted operating system. It emphasizes the basics of secure development, testing, and ongoing monitoring and review.