Add MSTG-RESILIENCE-7 and MSTG-RESILIENCE-8 #1113

commjoen · 2019-01-11T09:26:40Z

Add 8.7 and 8.8 for android and ios: show how you can delay the attacker or report tampering to the backend as a response to a tamper detected
8.7: The app implements multiple mechanisms in each defense category (8.1 to 8.6). Note that resiliency scales with the amount, diversity of the originality of the mechanisms used.
8.8: The detection mechanisms trigger responses of different types, including delayed and stealthy responses.

sushi2k · 2019-01-23T14:21:16Z

I guess it would make sense to mention Safetynet for Android as one mechanism that could be used to achieve this (report tampering) https://developer.android.com/training/safetynet/

commjoen · 2019-01-24T08:17:51Z

True :)

commjoen added this to the 1.2: Android and iOS updates milestone Jan 11, 2019

commjoen added this to To do in OWASP MSTG via automation Jan 11, 2019

commjoen added the Good first issue label Jan 11, 2019

cpholguera changed the title ~~Add 8.7 and 8.8 for android and ios: show how you can delay the attacker or report tampering to the backend~~ Add MSTG-RESILIENCE-7 and MSTG-RESILIENCE-8 Apr 16, 2020

cpholguera added Android iOS 📃 Requirement labels Apr 16, 2020

OWASP / owasp-mstg

Add MSTG-RESILIENCE-7 and MSTG-RESILIENCE-8 #1113

Add MSTG-RESILIENCE-7 and MSTG-RESILIENCE-8 #1113

commjoen commented Jan 11, 2019 •

edited

sushi2k commented Jan 23, 2019

commjoen commented Jan 24, 2019

OWASP / owasp-mstg

Sponsor OWASP/owasp-mstg

Add MSTG-RESILIENCE-7 and MSTG-RESILIENCE-8 #1113

Add MSTG-RESILIENCE-7 and MSTG-RESILIENCE-8 #1113

Comments

commjoen commented Jan 11, 2019 • edited

sushi2k commented Jan 23, 2019

commjoen commented Jan 24, 2019

commjoen commented Jan 11, 2019 •

edited