Software applications play an integral role in how we interact with the world around us. They help us ask for directions, meet the love of our life (or a close enough equivalent), shop, build new technologies, and more. However as the software development industry has seen massive growth in recent years, we need to ask if organizations are doing enough to follow application security best practices to keep their users safe from the likes of hackers and other digital miscreants.
The growth of mobile applications, Internet of Things (IoT), and the fact that it has become standard practice for companies that do not come from the software development industry to develop applications, have all led to a situation where issues of application security can fall through the cracks. This is especially true with less experienced development teams that are rushed to get their new version up on time and may not be up on application security best practices that they can employ to keep their products secure.
In hopes of saving these teams, as well as providing a solid refresher for more experienced organizations, we have pulled together the top 10 application security practices that you should already be using for your organization.
Track Your Assets
You can’t protect what you don’t know you have.
Do you know which servers you are using for specific functions or apps? Which open source components are you using in you various web apps?
Just ask Equifax which was recently hit with a $700 million fine for their failure to protect the data of over 145 million people how important it is to remember which software is running in which application. The credit rating agency suffered the breach when they failed to (Read more…)
*** This is a Security Bloggers Network syndicated blog from Blog – WhiteSource authored by Gabriel Avner. Read the original post at: https://resources.whitesourcesoftware.com/blog-whitesource/application-security-best-practices