Are your enterprise business applications secure?
When technology vendors talk about security, you are most likely to be in a discussion about protecting investments in technology systems - preventing unauthorised access through attacks or locking down systems to prevent employees tampering with business information systems. But a problem that is harder to find the answer to is what vulnerabilities exist in the enterprise business applications that companies run. Many companies will try to secure their applications by wrapping security technology around them, but that still does not account for a prime area of vulnerability - the source code of those applications.
The sort of vulnerabilities that can be contained in application source code include the possibility of an attacker exploiting software that contains patches that are out of date to enter a corporate network, perhaps gaining access to sensitive company databases or an intranet. Companies regularly run penetration tests to check for such vulnerabilities - but most organisations have a huge number of applications within their networks.
By Fran Howarth at IT Analysis.
[ Read more ]