In Search of Application Security
A recent post on application security over at CIO.com caught my attention. We hear a lot about network and server security, but rarely do we hear about application security. I assume that this is because people feel safe behind a firewall—but should they?
As CIO.com points out, with the rapid growth of the cloud and mobile apps, we may be leaving ourselves open to greater risk. For a rundown on how to prevent security lapses, check out Security Week, which offers up its best practices for application security.
As I delved deeper into this topic, I realized that most of the information I could find was really outdated. Cisco put up a guide back in March 2009, and Microsoft posted similar information from 2003. This prompted me to go to the expert on application security—The Open Web Application Security Project (OWASP).
I found that OWASP has a good reference section in the form of a wiki. Upon looking closer, however, the latest development guide was written in 2010, and when I tried to open it, the link was broken.
I decided to change gears and look for guidelines regarding Apple application security since the Cupertino-based company has more mobile apps than anyone around—at least that’s my guess. This took me to Dummies.com where there was a short tutorial on Apple application security that had no date. Finally, I found something on InformationWeek written in 2012 about Apple app security, which contains a few blurbs about application security though nothing earth shattering.
After hours of searching, I finally found something written recently on application security. EWeek.com has an article written in October 2012 about the concern for application security on mobile devices.
I must say it is disturbing to be unable to find any recent articles on application security. From what I can gather, application security is not being looked at. As we move to a more mobile-technology-based culture, this is not a good sign. I ask you, the reader, to respond if you find anything on this topic.
