Derek Brink, VP & Research Fellow, Aberdeen Group
So you've successfully gotten started with your application security initiative -- now what? How do you take securing your applications to the next level?
Characteristics of the companies achieving top performance in application security include:
- Start from a solid foundation of testing
- Start small (e.g., with a proof-of-concept) and then expand by building on your success
- Establish a risk-based approach on what vulnerabilities to address and when
- Partner between the IT Security and Application Development teams to expand your program beyond testing to create a true software assurance program
Research from Aberdeen Group confirms that bringing about a systemic change across the entire software development lifecycle -- i.e., to become "secure at the source" -- yields the best results.
In addition to the use of several enabling tools and technologies -- including application vulnerability scanning, penetration testing, manual source code reviews, static source code analysis and verification, and dynamic source code analysis and verification -- this webinar will review the "people and process" capabilities that most strongly differentiate the top performers.