Before applications can be used in a production environment, we must ensure that they are as secure as possible to mitigate the risk of being attacked by an outside agency. We are going to look at three different aspects: sandboxing, environment, and secure baseline. Let's look at these in turn:
- Sandboxing: Sandboxing is where we install an application in a virtual machine environment isolated from our network so that we can patch and test it, and ensure that it is secure, before putting it into a production environment. In a Linux environment, this is known as a chroot jail.
- Environment: When we are designing an application, we need secure environments for development, testing, and staging before moving the application into production. Such an environment is shown in the following diagram:
Figure 1: Environment...
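
The chroot jail mentioned in the sandboxing item can be built by hand for a single binary. The following is an added example, not code from the original text; the function names, the jail path, and the `nobody:nogroup` account are assumptions, and `enter_jail` assumes GNU coreutils `chroot`.

```shell
#!/bin/sh
# Added example: build and check a minimal chroot jail for one binary.

# Copy a binary and the shared libraries it links against into the jail,
# keeping absolute paths so the loader still finds them after chroot.
build_jail() (
    jail=$1; bin=$2
    [ -x "$bin" ] || { echo "not executable: $bin" >&2; exit 1; }
    umask 022                       # no group/world-writable entries
    mkdir -p "$jail"
    # ldd can execute code from its target: use it on trusted binaries only.
    libs=$(ldd "$bin" 2>/dev/null |
        awk '{for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i}' | sort -u)
    for f in "$bin" $libs; do
        mkdir -p "$jail$(dirname "$f")"
        cp -L "$f" "$jail$f"        # -L: copy the file, not the symlink
    done
)

# Fail if the jail holds setuid, setgid, or world-writable entries,
# which would weaken the isolation the jail is meant to provide.
audit_jail() (
    bad=$(find "$1" \( -perm -4000 -o -perm -2000 -o -perm -0002 \) \
        ! -type l -print)
    [ -z "$bad" ] || { printf 'risky entry: %s\n' $bad >&2; exit 1; }
)

# Run the binary inside the jail as an unprivileged user.
# Calling chroot requires root; the account name is an assumption.
enter_jail() {
    chroot --userspec=nobody:nogroup "$1" "$2"
}
```

A chroot restricts only the filesystem view, and a process that keeps root inside the jail can leave it, which is why `enter_jail` drops to an unprivileged account.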