Protecting Applications

The basics are still often missed in application security.

What is the position in your firm?
Are there additional practices which could better ensure that your information and transactions are protected?
Are you still getting audit recommendations on security that tie up resources way after an application is in production?


Much security activity is taken with checking security in production or within new projects as they are deployed. There is some value in these processes but most agree that building security into applications and projects as they are developed and / or integrated is more effective and cheaper. Despite this the common immature approaches are still prevalent.

DMW Information Security has insight and experience of approaches such as those in the Building Security In Maturity Model  (BSIMM) and Microsoft SDL and OWASP to introduce new approaches that integrate into modern application development methodologies.

Whether your application development is insourced, outsourced, on-shore or off-shore there is an opportunity to articulate security requirements early; train development personnel to build security themselves and to optimise security testing and remediation efforts before going into production.
 

Industry Links:

Building In Security Maturity Model
Microsoft Systems Development Lifecycle
OWASP
 

© DMW Group 2011
Contact Us
DMW Group, 13 Charles II Street, London, SW1Y 4QU
Telephone: +44 (0)20 7404 2233 Email: