I attended the annual RSA conference in San Francisco in late February. Its always an interesting event. This year I heard more talk around the issue of mobile application security and smartphones. Not the apps that an enterprise might give its employees to extend a legacy application, but the easily downloaded apps that are found all over the net. A small percentage of these apps carry malware and they have not been approved for use by enterprises. Researchers have found that most of the developers of these apps are young and care more about functionality than reliability. This can open the door for code functionalities to be abused by others. Im expecting to see new vetting processes that will allow enterprises and users to determine the trustworthiness of an application prior to downloading it. Work on this is being done by Professor Angelos Stavrou of George Mason University in conjunction with the National Institute of Standards and Technology.