Data breaches are common in today’s headlines. Criminal enterprises and hostile nation states have the resources to penetrate infrastructure controls and access data through web application vulnerabilities. Therefore, it is necessary to have an Application Security program in place to protect applications and prevent business impact.
This article provides a mid-level overview of an Application Security Program. It is necessary to establish supporting processes, standards and technologies. Start with a Multi-Generational Plan. Communicate to affected audiences and implement controls in a thoughtful and deliberate manner.