Application Security

Traditional security offerings are built for the protection of the network and platform. As attacks become more dynamic, business applications have also become subject to external and internal threats. In particular, there are an ever-increasing number of attacks targeted at internet facing applications. The sophisticated forms of attacks can bypass the firewall and take advantage of vulnerabilities arising from poor coding, poor design and a misconfigured platform.

Securing applications involves integrating risk management practices into the system development life cycle (SDLC) and applying age old information security principles at three layers: the network layer, host layer, and the application layer.

• Security architecture reviews
  
• Secure application development training
  
• Technical Risk Assessments
  
• Application BCP/DR planning
  
• Low-level technical reviews
  
• Reverse engineering
  
• Line by line code analysis