|
|
 |
|
Viewing report
|
|
|
|
The Rise of Application Security
Enterprise Management Associates, March 2007, Pages: 113
In recent months, application security risks have captured increasing attention—and headlines. Threats now include crime and fraud specifically pursuing financial gain. Sensitive application data has become a high-value target. Regulators have become aggressive in enforcing control of these risks, as well as controls to assure effective IT governance. Coming together today are a range of solutions that address a broad range of security concerns that factor into every phase of the application, throughout the software development lifecycle (SDLC) as well as throughout the lifecycle of IT operations. In this study, EMA examines today’s application security risks and the landscape of vendors and approaches across the spectrum of the application security challenge. Specific segments of the emerging application security marketplace are explored, with a view toward how enterprises can embrace and enhance the maturity of their application security strategy.
Many aspects of information technology play a critical role in application delivery—but the ultimate medium of information access and analysis has always been the application.
Applications are the primary interface between information users and consumers and IT assets. Even when accessing data at the lowest possible technical level, in today’s environment an application is typically required to obtain and deliver meaning. Of vastly more importance is the role the application has always played in the processing and analysis of data into useful information.
Today, applications are evolving farther still. From the beginnings of the network, which first enabled the bringing together of disparate IT resources, through the predominance of client-server computing, to today’s emphasis on the evolution of the Web, applications have grown in their sophistication. They have also grown toward each other, as application integration embracing Web, database, and content delivery technologies continues to define the state of the art in IT.
This increasing sophistication has not come without cost, however. The prevalence of distributed computing, the many moving parts of today’s application environments, and value of today’s application technologies have exposed applications to a higher degree of risk than ever before. Applications have become the custodians of tangible assets on a worldwide scale. The extent to which they may expose the enterprise to risk has recently been made evident in the cost of increasingly alarming data security breaches. Their complexity makes them fertile ground for exploit—and their value has attracted serious—and malicious—attention.
In this research report, Enterprise Management Associates (EMA) examines this evolution and looks at the domains that are today defining the rise of application security. Participants in secure development and source code security, operational application assessment, Web and database application security, and emerging technologies such as Web Services and Service Oriented Architectures (SOAs) are profiled, with a view toward the role of each not only throughout the software development lifecycle (SDLC), but in operations as well. Readers will gain insight into the landscape of this evolving aspect of IT security and risk management, and will be able to compare their organization’s level of maturity in application security against indicators of maturity in multiple application security domains.
Product samples
A sample for this product is available. Please Login/Register to download this sample.
|
|
|
|
