PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
November 2010

The Application Security Testing Gap

Application security has become information security's "mot du jour," as it should be since the majority of hacks purportedly occur through the application layer. The rapid increase of interest in application security is evidenced by the explosive growth in membership in groups such as Open Web Application Security Project (OWASP), and the appearance of specific certifications, such as the Certified Secure Software Lifecycle Professional offered by ISC2. And it is apparent from the recent corporate acquisitions of such application security testing players as Ounce Labs and Fortify, by IBM and HP respectively, that the big guys also are recognizing the importance of application security. I have long been a strong advocate of ensuring that applications reflect user requirements, are engineered with security in mind, designed with security architectures, and built using secure coding practices. Such coverage goes a long way towards improving the overall security state of applications, which are commonly held to be among the most ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue