3 Tips to Improve Your Organization’s Application Security

Did you know that 65% of all reported attacks in 2007 were in the application layer, according to the FBI? Applications are the new playground for hackers, and with more apps being developed daily, they make a very tempting target for the bad guys. Let’s look at three ways you can make a difference in blocking these attacks:

  1. Integrate Application Security into the Software Development Life Cycle (SDLC). Add security to the following phases: requirements, business impact analysis, functional testing, and quality assurance. When you improve your SDLC in this way, you will catch red flags during the design phase and not later. You’ll also ensure that the security team recognizes the impact and interactions necessary for security, and you’ll increase consistency in maintaining standards.
  2. Get Proactive. Develop programming standards, embrace development frameworks, create baselines for internal and external applications, create testing procedures, and make sure to publish this information internally.
  3. Educate Developers. This is the most important strategy. It can eliminate a significant number of vulnerabilities by providing ongoing general awareness. Deep training for leaders will build a strong foundation for training teams, who will be empowered to implement a stronger appsec program. Helping developers evaluate outdated applications, for instance, will go a long way toward preventing any potential vulnerabilities from being exploited.

SQL injection and XSS alone account for 32% of all incidents! More web applications are being developed, which means more targets for the attackers. The threats are data loss, regulatory and legal issues, a loss of customer confidence, a loss of system/network control, an increase in bots, phishing expeditions, and malware. By following these tips, you will significantly decrease the number of attacks.

Evaluating your frameworks can really help with identifying outdated software that would affect your applications, both internal and external. Should you have any questions about the tips or desire additional assistance in the design of your appsec program, please don’t hesitate to contact MSI for help.



Written on Wednesday, 04 November 2009 01:04 by
