Application security and testing - public kiosks
by Andy Flagg, Publication Date: Monday, March 1, 2021
I was just working with some kiosk folks and their application testing and noticed that their security risk profile was too wide. "What does that mean?" they said. I said their attack surface was too big, and it should be really small.
Their mobile application was very amazing indeed. It had a ton of functionality, yet I asked them where the weak link in their application was, and where, if I had to, I would terminate and intercept the problem in the kill chain.
It's funny, when I think of the kill chain, I remember my days using a chainsaw made by Husqvarna and sharpening that chain for better performance cutting up wood. The same applies here in application security.
Regardless of your kiosk application, remember: know your attack surface, the attack vector and the kill chain.
I am now re-reviewing my application push and production release for threats, and none were found. Well, now, then again, I did see one thing that I need to add. That's good and not so good. I need to sharpen my pencil on this problem as I see it. Stand by!!
more to come...