![]() ![]() Let’s take a closer look at an archetypal example, Frida, and drill into the controls that have proven to be effective in limiting its unauthorized use.Īccording to the Frida website, Frida is a “Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.” A dynamic (binary) instrumentation toolkit (such as Frida) injects instrumentation code at runtime that can reveal and change the behavior and state of a targeted application throughout its execution. If you’re looking to tie this requirement back to regulations and compliance obligations, these topics typically fall squarely inside unauthorized privilege escalation or non-privileged user access to privileged utilities and tools. Static code analysis tools, debuggers, and even public bug tracking databases are all go-to hacker resources.Īny comprehensive app-security strategy must include controls to prevent or at list significantly reduce the unauthorized use of development tools on (or against) applications. ![]() ![]() ![]() Hackers are developers and they have a long history of enthusiastically embracing and adapting development (and DevOps) innovations to speed their work, extend their reach, and ship software – the only difference is that they’re more likely to use those development tools and platforms on YOUR software rather than on their own. Is there any reason to believe that burglars don’t shop the same sites? Search for lockpicking and you’ll see that there’s no shortage of suppliers ready to serve locksmiths and hobbyists, each community having a perfectly legitimate need. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |