Read more articles in Web Application Security Insights
|
 |
| February 24, 2009 | | Read the latest EMA white paper on application security strategy |  EMA just published a white paper on application security today by analyst Michael Montecillo.
He names a variety of reasons why Web application security is still not embraced in companies, such as: the increase in attacks and compliance regulations, as well as difficult-to-automate processes, a steep learning curve, and highly charged political environments. Obviously hackers take advantage of these scenarios, as over 75% of the attacks happen at the Web application layer – it’s the low-hanging fruit. Montecillo suggests a few ways to better protect Web applications, including: - A security-aware culture -- rather than one solely focused on performance -- is required to protect against the easiest of exploits, as well as against the sophisticated attacks
- Better education about information security and how to code in a more secure manner are needed in every company
- Organizations must embrace education, automation, manual testing, and monitoring for an overall improved security posture
by
Erin Swanson
Eswanson@cenzic.com | | |
|
|
