Web Application Security

Web application security requires collaboration between coders, designers, system admins, hosting providers, webmasters and business/organisation decision makers.

If security is not carefully planned at every level, we could end up with a very secure operating system and network but a vulnerable app. Or we could be running a super secure web app on a system with a vulnerable FTP server that we are not aware of, which could compromise the whole system. In the same way, we could build a secure system and then, by adding new features and components without following documented design guidelines, create new vulnerabilities as the project evolves.

A web application will always be “vulnerable” by its very nature. The question is: how do we manage this risk? Three complementary strategies should be implemented in parallel, so that we not only mitigate risk but also prevent foreseeable problems and have a clear disaster recovery strategy to minimise downtime.