Endpoints are the systems that exist at the end of communications systems, like workstations and mobile devices, as opposed to intermediary systems such as load-balancers, routers, etc. In security, endpoints nearly always refer to the client end (mobile phones, laptops, workstations, etc.)
Questions tagged [end-points]
30 questions
16
votes
4 answers
Detecting Hardware keyloggers... elegant solutions?
My company recently discovered a hardware keylogger installed during an routine maintenance procedure.
We tried catching the culprit but unfortunately it doesn't seem like we are going to be able to, so the culprit is still at large.
We're looking…
PuzzledITMan
- 161
- 1
- 1
- 4
6
votes
6 answers
Blocking insecure iPhones from accessing ActiveSync
Considering that the iPhone 3GS and the iPhone 4 (and the latest iPad) all support local device encryption, how do you enforce that only secure devices can connect to your ActiveSync endpoint?
In other words, how do you prevent older iPhones and…
makerofthings7
- 50,090
- 54
- 250
- 536
5
votes
1 answer
CSRF on GraphQL endpoint
I am currently doing bug bounty on a company which uses GRAPHQL for their query language and would like to check if CSRF is possible. After playing around with burpsuite I have conclude the following;
Company doesn't use csrf token when fetching…
Emanuel Beni
- 133
- 8
4
votes
1 answer
How does FireEye HX work?
Can someone please expand on how FireEye HX works, what does it do exactly? Here is the site info: https://www.fireeye.com/products/hx-endpoint-security-products.html, but it's written in such an empty language that should get a reward for saying…
costa
- 211
- 2
- 4
2
votes
3 answers
Stop User Enumeration requests on AJAX endpoints
I have an ecommerce website with over 5 million customer database. From past couple of days, probably a hacker is hitting an AJAX endpoint continuously. This endpoint takes email address as a parameter and returns whether that email address is…
Abhinav
- 139
- 4
2
votes
2 answers
Behavior Monitoring in Endpoint Protection Platform
There are some EPP solutions that are considered very innovative (Crowdstrike, SentinelOne...) for the use of Behavior Monitoring. What is the difference with more standard EPP solution (ex. Symantec Endpoint Protection) that have also some…
NxA
- 23
- 3
2
votes
2 answers
How to protect API endpoint from abuse in mobile App?
Let's assume I have a mobile app that fetches the news feed from an url on my server.
GET/ https://example.com/api/v1/newsfeed
Is there a way to restrict the access to this endpoint to only from within the mobile app, not other sources souch as a…
TSR
- 185
- 2
- 5
1
vote
1 answer
How to protect against portable applications
There are many portable apps around that could be downloaded and run on local PCs.
Usually running of exe could be blocked by using UAC. however, in this case of portable applications, how do I mitigate/restrict from execution? ( I know restricting…
dorothy
- 715
- 1
- 7
- 18
1
vote
1 answer
Communication between two open endpoints, is this secure enough?
I'm building a (very simple) tool to communicate between two servers. I started by asking if there was a better alternative than making a home made scripts and we came to the conclusion that for starter, a home made script was enough. (On…
Cyril N.
- 2,649
- 2
- 18
- 28
1
vote
0 answers
Kusto to Osquery translator?
Osquery is a great open standard for collecting data from endpoints, using SQL syntax.
Kusto is a new Microsoft language for collecting data from Windows endpoints, using syntax which is almost--but not entirely--unlike SQL.
Microsoft is publishing…
user502
- 3,261
- 1
- 22
- 18
1
vote
2 answers
Enpoint protection: How to search an organisation for hash value
As part of incident response to malicious code outbreak and given the hash value of the malicious artifact, I would like to search across the entire organization for this specific hash value.
Do you know of best practices or solutions that implement…
user1192748
- 273
- 1
- 8
1
vote
2 answers
How to secure an email subscription endpoint?
I have a simple static webpage that lets users sign-up for a newsletter. Once they enter their email address, it gets sent to a public endpoint (AWS Lambda). This lambda function forwards the email address to a subscription list manager endpoint…
Saul
- 11
- 2
1
vote
1 answer
Secure endpoint for root domain only, no subdomains
I have an existing endpoint, for example https://api.example.com/ ... I have an existing CORS policy enabled which only allows access from origin example.com.
However, when I visit the endpoint URL directly (ie. https://api.example.com/api/login in…
24x7
- 113
- 2
1
vote
2 answers
How to secure email validation endpoint?
We have email validation in our registration form (an Ajax call to a REST endpoint to validate an email address when a user enters it).
Lets say a normal form first name, Last name, Email, Password, Address...
We have 2 actions in this form.
When…
Ntwobike
- 111
- 3
1
vote
1 answer
Additional risks to home network in exposing (raspberry pi) honeypot to the internet
While I would like to contribute piping of logs from a home-deployed honeypot to the DSHIELD project using a raspberry pi, I am concerned that the additional exposure of the port to the internet would provide:
A wider exposure surface
An additional…
George
- 739
- 1
- 6
- 22