Applications - the weakest link?
While companies are still grappling with which firewall to buy and whether intrusion detection systems are worth the trouble they put the administration through, security professionals are putting the spotlight on another part of the IT enterprise.
"Applications are key weaknesses in the security chain," explained Christopher Lim, associate, Technology & Security Risk Services, Ernst & Young, Singapore. "And most applications are developed without taking security into consideration. With web services being the next big thing, the risks is severe if security is not properly addressed for applications based on web services."
To nip this problem in the bud, Ernst and Young Labs for Internet and Security (EYLIS) partnered with Microsoft to establish a practice to provide assurance on the integrity of application systems. A result of this partnership is the Secure Development lab session came out jointly by EYLIS and Microsoft Singapore to provide training to organisations.
The Secure Development lab session teaches the fundamental development principles in creating secure applications based on Microsoft technologies using ASP and ASP.Net.
[ Read more ]
- Review: Secure Coding: Principles & Practices (17 October 2003)
- Review: Building Secure Software: How to Avoid Security Problems the Right Way (18 August 2002)