There are numerous ways of developing mobile apps today, but how do you ensure that your app is properly secured? What are the threats you should be concerned about and what can you do to avoid being an easy target? If you don't want to miss anything, leveraging a standard is essential. Google understands this very well and since April 2022 acknowledges developers who had their apps independently validated against the OWASP MASVS. In this talk I'll introduce you to the OWASP MASVS (Mobile Application Security Verification Standard), which works together with the OWASP MSTG (Mobile Security Testing Guide) to help you understand the attack surface of mobile apps, how to exploit them and how to protect them. Both resources are crafted and are curated by a team of numerous experts and community contributors.