GoGreen PC TuneUp™
Learn More

Insta-Install™
this is how we code sign our software and ssl encrypt our websites from our affiliate partner SSL.com

myBlog

myBlog Home

Back to Blog MTNCOMP


Application security and testing - public kiosks

by Andy Flagg, Publication Date: Monday, March 1, 2021
View Count: 49, Keywords: Application Development, Testing, Public Kiosks, Husqvarna, Chainsaws, Hashtags: #ApplicationDevelopment #Testing #PublicKiosks #Husqvarna #Chainsaws



I was just working with some kiosk folks and their application testing and noticed that their security risk profile was too wide. What does that mean they said? I said, their attack surface was too big, and it should be really small.
 
Their application, mobile, was very amazing indeed. It had a ton of functionality, yet I asked them, where is the weak link in their application, and if I had to apply a terminate and intercept the problem in the kill chain.
 
It's funny, when I think of kill chain, I remember my days using a chainsaw made by Husqvarna and sharpening that chain for better performance cutting up wood. The same applies here in application security.
 
Regardless of your kiosk application; remember, know your attack surface, the attack vector and the kill chain.
 
I am now re-reviewing my application push and production release for threats and none found. Well, now, then again, I did see one thing that I need to add. That's good and not so good. I need to sharpen my pencil on this problem as I see it. Stand by!!
 
REF:  https://www.csoonline.com/article/2134037/strategic-planning-erm-the-practicality-of-the-cyber-kill-chain-approach-to-security.html
 
 
more to come...

if you found this article helpful, consider contributing $10, 20 an Andrew Jackson or so..to the author. more authors coming soon
FYI we use paypal or patreon, patreon has 3x the transaction fees, so we don't, not yet.

© 2021 myBlog™ v1.1 All rights reserved. We count views as reads, so let's not over think it.