Implementing an Application Security Policy: Nine Key Questions

Share  
1  |  2  |  3  |  4  |  5  |  6  |  7  |  8  |  9  |  10  |  11
Next Next

Create recognition programs for secure innovation and build cooperation between development groups (i.e., a scoreboard of flaws / defects fixed and award the teams that fix the most, or even just a movie / beer / pizza night with peers). It’s a great way to incentivize security and make it a priority across the board.

There has been a lot of news lately about high-profile attacks on Web applications. Hackers employ tactics like cross-site scripting (XSS) and SQL injections, which have been around for more than 20 years. Yet, both are prevalent attack vectors now more than ever before - which makes it that much more important for organizations to have a formalized application security policy for their developer teams.

John Jacott, security evangelist for Coverity, which offers a development testing platform, sheds some insight on nine important questions that should be central to implementing an application security policy in any organization.

 

Related Topics : Vulnerabilities and Patches, Resellers, Broadcom, Broadband Services, Supercomputing

 

More Slideshows

Time3-190x128 Ten Notable Google Project Management Apps

Here are 10 highly rated project management apps from the Google Apps Marketplace that could provide you with the organization needed to successfully complete your next project. ...  More >>

CallCenter4-290x195 Five Strategies to Transform Your Tech Support Offering

Unfortunately, the cost of maintaining a tech support staff is expensive, and each call comes at the expense of profitability. It's time to re-invent your tech support business unit. ...  More >>

Misc50-290x195 Six Ways File-Sharing Apps Have Failed the Enterprise

Is there a real risk involved with relying on consumer-grade file-sharing and sync solutions in the enterprise, or are CIOs overreacting? ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.