We are excited to announce the new WhatWorks in Application Security Poster!
The front side of the poster focuses on why application security is important to any organization and the critical steps needed to make an application security program successful, including:
- Design: Review security requirements, security architecture, secure coding standards, and the tools your team can use to create secure software design from the beginning
- Test: Methods for testing your applications including dynamic analysis and static analysis tools, plus checklists for evaluating commercial tools and third-party penetration testing firms
- Fix: Covers code remediation and identifies some products that can be used for virtual patching
- Govern: Secure SDLC processes, metrics and reporting, and evaluating application security training
On the reverse side, the Securing Web Application Technologies (SWAT) checklist provides an easy-to-reference set of best practices that raise awareness and help development teams create more secure applications. Development teams can use the checklist to identify the minimum standard required to neutralize vulnerabilities their applications in the following areas:
- Data Protection
- Authentication
- Access Control
- Input & Output Handling
- Session Management
- Error Handling & Logging
- Configuration & Operations
Please visit http://www.sans.org/security-resources/posters/securing-web-application-technologies-swat-2014-60 to have a physical copy of the poster mailed to you (US only) or download a copy of it now!
