Avoiding security through obscurity
Does your application have any backdoors? Does it listen on any ports for debugging or administrative purposes? Have any superuser accounts been added for emergency access? In larger companies these are the responsibility of the operations team, but if you can, also verify them from a test perspective: a test environment that still carries a debug listener or an emergency account is a hint that production may too.
When you mapped your attack surface, were any admin interfaces left open, such as telnet or SNMP, that need to be secured? If possible, close them down; otherwise, you must ensure they are protected by the necessary passwords, access restrictions (for example, binding to the loopback interface or a management network), and keys. Security controls reinforce one another when layered, so apply as many restrictions as are practical rather than relying on any single one.
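One way to make the "were any admin interfaces left open?" question repeatable is to audit the host's listening sockets. The script below is an added example, not code from the original text or its author: it parses the output of `ss -tulnH` (Linux, header suppressed), flags well-known admin and debug ports, and distinguishes sockets bound to all interfaces from those bound only to loopback. The `RISKY_PORTS` table and the `SAMPLE_SS_OUTPUT` socket lines are constructed assumptions for illustration; extend the table for your own stack.

```python
"""Audit `ss -tulnH` output for exposed admin/debug listeners.

Added example, not from the page. The port table and the sample socket
lines are constructed assumptions; the parsing follows the documented
`ss` column order (Netid State Recv-Q Send-Q Local:Port Peer:Port).
"""
from dataclasses import dataclass
from typing import List, Optional

# Ports that usually mean an admin or debug interface is listening.
# Constructed list for illustration; extend it for your environment.
RISKY_PORTS = {
    21: "ftp (cleartext credentials)",
    23: "telnet (cleartext admin shell)",
    161: "snmp (community strings often left at defaults)",
    2375: "docker remote api (unauthenticated by default)",
    5900: "vnc (remote console)",
    9229: "node.js inspector (debugger gives code execution)",
}

LOOPBACK_PREFIXES = ("127.", "[::1]")
WILDCARDS = {"0.0.0.0", "*", "[::]", "::"}

# Constructed sample of `ss -tulnH` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      50           0.0.0.0:23         0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      128        127.0.0.1:9229       0.0.0.0:*
tcp   LISTEN 0      128             [::]:2375          [::]:*
tcp   LISTEN 0      128        127.0.0.1:5432       0.0.0.0:*
""".splitlines()


@dataclass
class Socket:
    proto: str
    addr: str
    port: int


@dataclass
class Finding:
    proto: str
    addr: str
    port: int
    severity: str
    reason: str


def parse_ss_line(line: str) -> Optional[Socket]:
    """Parse one `ss -tulnH` line; return None for anything unparseable."""
    fields = line.split()
    if len(fields) < 5:
        return None
    proto, local = fields[0], fields[4]
    # Split on the last ':' so bracketed IPv6 addresses keep their colons.
    addr, sep, port = local.rpartition(":")
    if not sep or not port.isdigit():
        return None
    return Socket(proto, addr, int(port))


def is_exposed(addr: str) -> bool:
    """True when the socket is reachable from other hosts, not just loopback."""
    return addr in WILDCARDS or not addr.startswith(LOOPBACK_PREFIXES)


def audit(lines: List[str]) -> List[Finding]:
    """Return findings ordered high -> medium -> review."""
    findings: List[Finding] = []
    for line in lines:
        sock = parse_ss_line(line)
        if sock is None:
            continue
        reason = RISKY_PORTS.get(sock.port)
        exposed = is_exposed(sock.addr)
        if reason and exposed:
            severity = "high"
        elif reason:
            # Loopback-only is better, but local users and SSRF can still reach it.
            severity = "medium"
            reason += " (loopback only)"
        elif exposed:
            severity = "review"
            reason = "unlisted port bound to all interfaces; confirm it is intended"
        else:
            continue  # loopback-only, unlisted: nothing to report here
        findings.append(Finding(sock.proto, sock.addr, sock.port, severity, reason))
    rank = {"high": 0, "medium": 1, "review": 2}
    findings.sort(key=lambda f: rank[f.severity])
    return findings


if __name__ == "__main__":
    import sys
    # Pipe real output in with `ss -tulnH | python3 audit_listeners.py`;
    # with no stdin, the constructed sample is used instead.
    source = SAMPLE_SS_OUTPUT if sys.stdin.isatty() else sys.stdin.read().splitlines()
    for f in audit(source):
        print(f"{f.severity:7} {f.proto} {f.addr}:{f.port}  {f.reason}")
```

Run it against the sample and the three wildcard-bound admin ports (telnet, SNMP, the Docker API) come out as high, the loopback-only Node inspector as medium, and SSH on port 22 as a review item because it is exposed but not in the table. Treat "review" items as the starting point for the attack-surface questions above: each one is an interface someone will find.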
Never rely on security through obscurity. If an interface is publicly accessible, whether it is an open port or a particular URL, assume it will be found; port scanners and URL brute-forcers make discovery cheap. The question is, what could an attacker learn from that interface, or what access do they gain? Restrict...