Abstract
This talk covers securing application development in the enterprise world, where applications range from small in-house applications developed by a small department to large applications developed through an outsourcing company in a project spanning several years. In addition, applications that initially were not considered critical suddenly become part of a critical process, and those that were going to be used in a small and limited internal environment suddenly get promoted and published as a new service on the Internet.
To get a better feeling for what works and what does not work in the harsh world outside, this talk will present examples of do’s and don’ts from real-world projects attempting to protect security applications in different stages: from the introduction of technical measures to prevent abuse of Internet-facing applications to source-code-driven application security testing.
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Fernández-Sanguino, J. (2010). Protection of Applications at the Enterprise in the Real World: From Audits to Controls. In: Serrão, C., Aguilera Díaz, V., Cerullo, F. (eds) Web Application Security. IBWAS 2009. Communications in Computer and Information Science, vol 72. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16120-9_13
DOI: https://doi.org/10.1007/978-3-642-16120-9_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16119-3
Online ISBN: 978-3-642-16120-9
eBook Packages: Computer Science (R0)