Access "Tackling Web application security through secure software development"
This article is part of the Special Edition, August 2013 issue of Insider edition: Web application security
The importance of information security has permeated many enterprises to varying degrees, yet software security—and in particular Web-based software development— remains a vexing challenge for chief information security officers. It’s a great understatement to say that Web development teams have not traditionally been focused on security. Their incentives, and consequently their priorities, have been tied to implementing new features and meeting deadlines. Many development teams aren’t even aware that what they do affects security; instead they view security as a job handled not by developers, but by products such as firewalls and antimalware systems. However, the changing threat landscape and increasing frequency of Web application attacks has forced security-focused organizations to address Web application security through secure software development. The simple truth is that security measures that are “bolted on” after the software development process is complete have proven to be powerless in countering Web application attacks. For instance, firewalls ... Access >>>
Premium Content for Free.
Tackling Web application security through secure software development
by Dan Cornell
The threat landscape and increase of Web app attacks has forced security teams to tackle Web app security through secure software development.
- Tackling Web application security through secure software development by Dan Cornell
More Premium Content Accessible For Free
Threat intelligence and risk: Why cybersecurity hangs in the balance
As more security professionals take on greater roles in global risk management, Global 2000 companies are investing in cybersecurity measures above ...
How to respond to the latest distributed denial-of-service attacks
All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't ...
Figuring out FIDO as the first products emerge
The Fast Identity Online (FIDO) standards reached the public draft stage in February, and the first deployments of FIDO-ready technologies followed ...