Closed websec119 closed 2 years ago
How to Prevent 3rd item Use threat modeling for critical authentication, access control, business logic, and key flows
Use threat modeling for critical authentication, access control, business logic, and key flows
In this explanation, which do you mean by "key flows".
I would use "key lifecycle. Cryptographic operations seems ok as is. Just my 2 cents.
A04:2021 – Insecure Design
How to Prevent 3rd item
Use threat modeling for critical authentication, access control, business logic, and key flows
In this explanation, which do you mean by "key flows".