Security

Fundamentals of Application Security

Download Now Free registration required

Executive Summary

This paper presents trends in the attack landscape, the attacker mindset, the concept of software security risk and the need to manage this risk as an organization. This paper presents common and dangerous misconceptions that lead to a false sense of security, including: client-side security does not exist, QA is not security testing, the application is not the network, tools are not solutions, patches do not guarantee security, all software applications have bugs. This paper describes specific principles that help guide design, coding and implementation decisions.

  • Format: HTML
  • Size: 0 KB