You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Document/11-MASVS-RESILIENCE.md
+8-6Lines changed: 8 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,14 +1,14 @@
1
1
# MASVS-RESILIENCE: Resilience Against Reverse Engineering and Tampering
2
2
3
-
Defense-in-depth measures such as code obfuscation, anti-debugging, and anti-tampering can increase an app's resilience against reverse engineering and specific client-side attacks. They add multiple layers of security controls to the app, making it more difficult for attackers to modify code or extract sensitive information.
3
+
Defense-in-depth measures such as code obfuscation, anti-debugging, anti-tampering, and runtime application self-protection (RASP) can increase an app's resilience against reverse engineering and specific client-side attacks. They add multiple layers of security controls to the app, making it more difficult for attackers to modify code or extract sensitive information.
4
4
5
-
The **absence of these measures does not in itself constitute a vulnerability**. Instead, resilience controls provide additional protection against threat-specific attacks. **All apps must also fulfill the rest of the OWASP MASVS** controls according to their threat model.
5
+
**The absence of these measures does not in itself constitute a vulnerability**. Instead, resilience controls provide additional protection against threat-specific attacks. **All apps must also fulfill the rest of the OWASP MASVS** controls according to their threat model.
6
6
7
7
## Business and Commercial Perspective
8
8
9
9
Resilience measures are particularly relevant when the app needs to protect business assets or deter client-side abuse. They can help mitigate risks such as:
10
10
11
-
- Theft or compromise of proprietary algorithms, trade secrets, or customer data
11
+
- Theft or compromise of proprietary algorithms, trade secrets, customer data, AI or machine learning models
12
12
- Fraud, cheating, or revenue leakage in online games, financial apps, or subscription models
13
13
- Legal and reputational damage due to breach of contracts or regulations
14
14
- Damage to brand reputation due to negative publicity or customer dissatisfaction
@@ -21,7 +21,7 @@ In some contexts, such as government, health, or other public-interest apps, res
21
21
22
22
- It reduces transparency of what the compiled application is doing
23
23
- Independent verification of the compiled application is more difficult
24
-
- The smartphone market is very diverse, and resiliency controls may flag edge-cases as untrustworthy, locking out those users
24
+
- The diversity of smartphone operating systems can lead to false positives, potentially excluding legitimate users
25
25
26
26
In case these concerns are valid for the target application, we recommend applying the following principles:
27
27
@@ -32,12 +32,14 @@ In case these concerns are valid for the target application, we recommend applyi
32
32
33
33
## Platform/Developer lock-in
34
34
35
-
Runtime resiliency controls focus on two things:
35
+
Runtime resilience controls focus on two things:
36
36
37
37
- The application and its own memory and files
38
38
- The underlying OS
39
39
40
-
While verifying the integrity of the application itself is typically OS-agnostic, the same cannot be said for verifying the underlying OS. For example, while there is an open-source version of Android (AOSP), this is typically not the OS that is installed on consumer devices. Instead, many different flavors are developed with small differences in feature sets and security controls. Some examples include Google Android, HarmonyOS, FireOS, LineageOS, /e/OS, etc. By implementing flavor-specific detection mechanisms, the application may not function on any other flavor of Android. This results in a platform lock-in, possibly excluding legitimate users from using the application.
40
+
While verifying the integrity of the application itself is typically OS-agnostic, the same cannot be said for verifying the underlying OS. For example, while there is an open-source version of Android (AOSP), this is typically not the OS that is installed on consumer devices. Instead, many different flavors are developed with small differences in feature sets and security controls. Some examples include Google Android, HarmonyOS, FireOS, LineageOS, /e/OS, etc. By implementing flavor-specific detection mechanisms, the application may not function on any other flavor of Android. This results in a platform lock-in, possibly excluding legitimate users from using the application.
41
+
42
+
Additionally, reliance on platform services such as Google Play Integrity API or Apple's App Attestation may further reinforce lock-in and limit accessibility for certain user groups.
0 commit comments