by Randomdevops 1259 days ago
Being only able to connect to declared dependencies.

So say the application is compromised: it can't connect to the internet, and from there it could only connect to the declared database and webservice. So those would need to have vulnerabilities too that could be exploited from that end, hence limiting the blast radius.

So not really worried about physical access, but more along the lines of an RCE (Spring4Shell) probing the rest of the network or a supply chain attack that tries to send out data...


In that case, I would recommend something like cilium (which can run standalone or part of k8s) where you can set up firewalls per application/node and be alerted whenever something attempts to do something against the rules.
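As an added illustration of what the two comments above describe (an application allowed to reach only its declared database and webservice, enforced per application with Cilium), here is a CiliumNetworkPolicy written for this thread; it is not code from either commenter or from the Cilium project. The namespace, pod labels (`app: orders`, `app: orders-db`), the Postgres port and the webservice hostname `payments.example.com` are all assumed placeholder values.

```yaml
# Added example (not from the thread): egress allow-list for one application.
# In Cilium, as soon as a policy with an egress section selects a pod, every
# egress flow not matched by a rule is dropped, so the rules below are the
# complete list of what the "orders" pods may talk to.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: orders-egress-declared-deps   # hypothetical policy name
  namespace: shop                     # hypothetical namespace
spec:
  endpointSelector:
    matchLabels:
      app: orders                     # hypothetical label on the application pods
  egress:
    # 1. DNS, restricted to the cluster resolver. The dns rule makes Cilium
    #    parse the queries, which is what the toFQDNs rule further down relies on.
    - toEndpoints:
        - matchLabels:
            "k8s:io.kubernetes.pod.namespace": kube-system
            "k8s:k8s-app": kube-dns
      toPorts:
        - ports:
            - port: "53"
              protocol: UDP
          rules:
            dns:
              - matchPattern: "*"
    # 2. Declared dependency: the database, one port only.
    - toEndpoints:
        - matchLabels:
            app: orders-db            # hypothetical label on the database pods
      toPorts:
        - ports:
            - port: "5432"
              protocol: TCP
    # 3. Declared dependency: the external webservice, by hostname, HTTPS only.
    #    Any other destination on the internet is not listed and is therefore dropped.
    - toFQDNs:
        - matchName: "payments.example.com"   # hypothetical webservice hostname
      toPorts:
        - ports:
            - port: "443"
              protocol: TCP
```

With this applied, an RCE in the `orders` pods that tries to scan neighbouring pods or to exfiltrate to an arbitrary host gets a policy drop rather than a connection. Those drops are the "alert whenever something goes against the rules" part of the reply: `hubble observe --verdict DROPPED` (or `cilium monitor --type drop` on a node) shows each denied flow with the source pod and destination, which can be forwarded to whatever alerting pipeline is already in place.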