Access your Pro+ Content below.
Tackling Web application security through secure software development
This article is part of the Special Edition, August 2013 issue of Information Security magazine
The importance of information security has permeated many enterprises to varying degrees, yet software security—and in particular Web-based software development— remains a vexing challenge for chief information security officers. It’s a great understatement to say that Web development teams have not traditionally been focused on security. Their incentives, and consequently their priorities, have been tied to implementing new features and meeting deadlines. Many development teams aren’t even aware that what they do affects security; instead they view security as a job handled not by developers, but by products such as firewalls and antimalware systems. However, the changing threat landscape and increasing frequency of Web application attacks has forced security-focused organizations to address Web application security through secure software development. The simple truth is that security measures that are “bolted on” after the software development process is complete have proven to be powerless in countering Web application ...
Features in this issue
The threat landscape and increase of Web app attacks has forced security teams to tackle Web app security through secure software development.