Operating systems were once the number one target for cyber attacks. As they became increasingly more secure over time, attackers started focusing more and more on the applications running on these operating systems. It is estimated that 85% of cyber attacks are now targeting application vulnerabilities. Add to this the fact that the application landscape of today is very complex, with developers leveraging a mix of home-grown, commercial, and open source code to build their applications and services, it is easy to see why application security is an important task that should be taken seriously. This chapter discusses the activities involved in detecting, mitigating, and preventing application vulnerabilities. It also touches on SecureSoftware Development Life Cycle (SDLC) topics that will help you create security oriented in-house applications.
The following topics are covered in this chapter:
- Application security
- Application security testing
- ICS application...