Implementing an Application Security Policy: Nine Key Questions


This is really the crux of the issue: Developers outnumber security professionals, yet we insist on differentiating ourselves with a “security culture” instead of getting to understand the developers’ culture. We may exclude the biggest ally we could possibly have by putting testing at the end, in tools or services that are outside of their normal environments, in a punitive exercise that is often duct-taped and baling-wired in place. We then wonder why we fail as a cost center, when a profit center fights back using the business unit against us. Not everyone can be a security expert… Everyone can test for security defects.

There has been a lot of news lately about high-profile attacks on Web applications. Hackers employ tactics like cross-site scripting (XSS) and SQL injection, which have been around for more than 20 years. Yet both are more prevalent attack vectors now than ever before, which makes it that much more important for organizations to have a formalized application security policy for their developer teams.

John Jacott, security evangelist for Coverity, which offers a development testing platform, offers insight into nine important questions that should be central to implementing an application security policy in any organization.

 
