Penetration Testing & Vulnerability Assessments

Idea created by abdenterprises on Oct 18, 2017
    • jrenfrew
    • abdenterprises
    • wimdecorte
    • jbante

    wimdecorte mentioned to me at the last DevCon that a penetration test might be an interesting topic at DevCon.  I'm adding to that a Vulnerability Assessment.  These are both big topics, especially given that FileMaker can be deployed on Mac, Windows and AWS as well as Desktop, Web (in MANY ways) and iOS as well as integrated with many other platforms and technolgies. 


    What would a Pentration Test and a Vulnerability Assessment of look like in the FileMaker ecosystem?


    Can industry standard security tools be used to do pen testing and check for vulnerablities in a FileMaker Deployment?


    What would these two preventive security measures reveal about a FileMaker solution deployed using well known (industry standard) Security Best Practices for FileMaker?


    What risk reduction strategies and remediation techniques can be implemented by developers and organizations to reduce, or mitigate, any vulnerabilities revealed?


    What are the different risks associated with many deployment options for FileMaker?  Desktop vs. iOS vs. Web and Mac vs. Windows vs AWS?  What risks must be addressed from the new FileMaker API? 


    I wonder if this might be better addressed as a panel discussion or on training day.


    Any takers?