I'm doing penetration-testing on an Android application.
This application detects ROOT environment, but instead of stopping the application and exits, it's displaying a warning message and letting the user decide about running or not.
So based on OWASP for Mobile (MASVS), is it a correct implementation or not?
0 Replies