MASTG-BEST-0029: Implementing Resilience and RASP Signals

Placeholder Best Practice

This best practice hasn't been created yet; this page is a placeholder. You can check its status or start working on it yourself. If the issue has not yet been assigned, you can request to be assigned to it and submit a PR with the new content for this best practice by following our guidelines.

Check our GitHub Issues for MASTG-BEST-0029

If an issue doesn't exist yet, please create one and request to be assigned to it.

Draft Description

Resilience controls and RASP (Runtime Application Self-Protection) style checks are defense-in-depth measures that raise attacker cost by detecting risky environments and runtime tampering. They do not replace secure design, and they are inherently bypassable, so they should be selected and tuned based on the app's threat model and risk tolerance.

Tests

MASTG-TEST-0324: References to Root Detection Mechanisms

MASTG-TEST-0325: Runtime Use of Root Detection Techniques