Social Network For Security Executives: Network, Learn & Collaborate
WHY APPSEC (APPLICATION SECURITY) WON’T ALWAYS BAIL YOU OUT OF APPLICATION BASED RISKS?
It is very typical of organizations to perform Web Application (WebApp) Security Assessments before the go-live of newer applications or periodic assessments of their existing applications. And these assessments are known by all sorts of aliases like Application Penetration Testing (App PenTest), Ethical Application Hacking etc. For those companies lacking the internal core…Continue
Added by Dhananjay Rokde on June 27, 2013 at 11:00am — No Comments
1. Run Time Application Security Protection (RASP)
Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall)etc and there is a great scope for a lot of these security features being built into the application so that it can protect itself during run time.
RASP is an integral part of an application run time environment and can be implemented as an extension of the…Continue
Added by bikash on May 14, 2013 at 6:30pm — No Comments
Static Application Security Testing (SAST)
SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.
• SAST can pin point the code where the flaw is.
• you can detect vulnerabilities before it is deployed:…Continue
Added by bikash on April 17, 2013 at 9:30pm — No Comments