YES! Having a Firewall in place that restrict access to your database and/or internal services doesn’t guarantee the fact that your assets will be secured. We usually consider any restriction integrated by a Firewall to be a “Security by Obscurity” mechanism and not by far a real security mitigation approach. Any person that can use a stick in a local network, connect to wifi in your building or access one of your online and public services could also escalate his privileges to obtain sensitive data.
We have a Firewall in place that restrict access to our database and internal services. Do I still need Security Testing?
0 Flares 0 Flares ×