All the workstations in production
must count with an unalterable security suite
(Anti-virus, Antispyware, Host Firewall, Host-IDS, Host-IPS).
F077. ARP spoofing
F084. MDNS spoofing
F104. USB flash drive attacks
F115. Security controls bypass
CWE-923: Improper Restriction of Communication Channel to Intended Endpoints
The software establishes a communication channel to (or from) an endpoint for
privileged or protected operations,
but it does not properly ensure that it is communicating with the correct
V1.14 Configuration Architectural Requirements.(1.14.1)
Verify the segregation of components of differing trust levels through
well-defined security controls, firewall rules, API gateways, reverse proxies,
cloud-based security groups, or similar mechanisms.
Ready to start with Fluid Attacks?
Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.