The types of design vulnerabilities often found on endpoints involve defects in client-side code that is present in browsers and applications. The defects most often found include these:
- Sensitive data left behind in the file system. Generally, this consists of temporary files and cache files, which may be accessible by other users and processes on the system.
- Unprotected local data. Local data stores may have loose permissions and lack encryption.
- Vulnerable applets. Many browsers and other client applications often employ applets for viewing documents and video files. Often, the applets themselves may have exploitable weaknesses.
- Unprotected or weakly protected communications. Data transmitted between the client and other systems may use weak encryption, or use no encryption at all.
- Weak or nonexistent authentication. Authentication methods on the client, or between the client and server systems, may be unnecessarily weak. This permits an adversary to access the application, local data, or server data without first authenticating.
- Operating system examination
- Network sniffing
- Code review
- Manual testing and observation
