<![CDATA[Discuss: x isn't a security boundary because ... (where x is represented in https://attack.mitre.org/datacomponents/ or other control lists).]]>

<![CDATA[Discuss: x isn't a security boundary because ... (where x is represented in https://attack.mitre.org/datacomponents/ or other control lists).]]>Discuss: x isn't a security boundary because ... (where x is represented in https://attack.mitre.org/datacomponents/ or other control lists).

Counter point: Anything that changes the profile of the attack surface and presents an opportunity for detection can be considered a security boundary. Some may be more effective than others, some may have bugs, others may be configured badly but they all have some boundary value. The point of a security test is to point out the bugs and misconfigurations.

]]>https://board.circlewithadot.net/topic/a05d356b-1ba7-4027-82e7-99c265cf825e/discuss-x-isn-t-a-security-boundary-because-...-where-x-is-represented-in-https-attack.mitre.org-datacomponents-or-other-control-lists-.RSS for NodeFri, 15 May 2026 05:38:19 GMTTue, 28 Apr 2026 14:27:50 GMT60