Comments on: We’ve Reached the Application Security Tipping Point http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/ Application security testing, analysis, and metrics Tue, 15 May 2012 22:16:53 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: smith http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/comment-page-1/#comment-3441 smith Thu, 29 Apr 2010 10:18:57 +0000 http://www.veracode.com/blog/?p=447#comment-3441 Wow! Great Post! Thanks a lot for sharing such a nice article.Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application. For more information check this link: http://www.eccouncil.org/certification/ec-council_certified_security_officer.aspx Wow!
Great Post!
Thanks a lot for sharing such a nice article.Application security encompasses measures taken throughout the application’s life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.

For more information check this link: http://www.eccouncil.org/certification/ec-council_certified_security_officer.aspx

]]> By: Common Applications Are Now The Weakest Link | securosis.com http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/comment-page-1/#comment-2355 Common Applications Are Now The Weakest Link | securosis.com Tue, 18 Nov 2008 00:15:45 +0000 http://www.veracode.com/blog/?p=447#comment-2355 [...] Two articles this week reminded me of something I’ve been meaning to talk about. First, Chris Wysopal talks bout how we’ve reached an application security tipping point. How the OS vendors are doing such a (relatively) good job at hardening the operating system that [...] [...] Two articles this week reminded me of something I’ve been meaning to talk about. First, Chris Wysopal talks bout how we’ve reached an application security tipping point. How the OS vendors are doing such a (relatively) good job at hardening the operating system that [...]

]]> By: Liquidmatrix Security Digest » Security Briefings - November 10th http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/comment-page-1/#comment-2334 Liquidmatrix Security Digest » Security Briefings - November 10th Mon, 10 Nov 2008 14:22:08 +0000 http://www.veracode.com/blog/?p=447#comment-2334 [...] We’ve Reached the Application Security Tipping Point - Veracode [...] [...] We’ve Reached the Application Security Tipping Point – Veracode [...]

]]> By: The Daily Incite - 11/06/08 - No sharing (and it’s a problem) [Security Incite Rants] | Small Business System http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/comment-page-1/#comment-2329 The Daily Incite - 11/06/08 - No sharing (and it’s a problem) [Security Incite Rants] | Small Business System Sat, 08 Nov 2008 04:04:49 +0000 http://www.veracode.com/blog/?p=447#comment-2329 [...] eloquently discusses something that we probably already knew, but didn’t want to say. Everything is a target, which means everyone has to worry about little things like application secur... Of course, this is great news for Chris at his day job, though because everything is at risk [...] [...] eloquently discusses something that we probably already knew, but didn’t want to say. Everything is a target, which means everyone has to worry about little things like application secur… Of course, this is great news for Chris at his day job, though because everything is at risk [...]

]]> By: Steve Christey http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/comment-page-1/#comment-2324 Steve Christey Wed, 05 Nov 2008 17:42:55 +0000 http://www.veracode.com/blog/?p=447#comment-2324 While we have not done a similar analysis in CVE, I believe that ISS' statistics are valid based on what we are seeing. Further, for the OS software vendors, the types of vulnerabilities are often unusual (e.g. use-after-free, missing initialization) or very difficult to find and exploit. While we have not done a similar analysis in CVE, I believe that ISS’ statistics are valid based on what we are seeing.

Further, for the OS software vendors, the types of vulnerabilities are often unusual (e.g. use-after-free, missing initialization) or very difficult to find and exploit.

]]> By: Jeff Williams http://www.veracode.com/blog/2008/11/we%e2%80%99ve-reached-the-application-security-tipping-point/comment-page-1/#comment-2323 Jeff Williams Wed, 05 Nov 2008 11:58:48 +0000 http://www.veracode.com/blog/?p=447#comment-2323 Some more thoughts on the fact that we've reached a tipping point from the OWASP AppSec Conference in NYC last month - http://video.google.com/googleplayer.swf?docId=-228977859802026041 Some more thoughts on the fact that we’ve reached a tipping point from the OWASP AppSec Conference in NYC last month – http://video.google.com/googleplayer.swf?docId=-228977859802026041

]]>