Cobb Galleria Centre
Two Galleria Parkway
Atlanta, GA 30339
10:15 a.m. Thursday, May 30, 2013
Thursday, May 30, 2013:Bala VenkatCenzic
The Three Pillar Application Security Model: A Domain approach in Application Security for Web, Web Services, and Mobile – to help organizations effectively secure their applications from online risks. Synopsis: Social media, big data, cloud and mobility are changing the way enterprises conduct business today. So much sensitive information is easily propagated and made available real time across multiple platforms, devices, and data centers. While this is the new norm, and facilitates speed, convenience, and efficiency, it also presents a whole new set of security challenges. Companies are pushing sensitive data, information, and applications to the cloud and online. Hackers are looking to exploit that one vulnerability to poke the application, the back end, . . . the database to retrieve the most guarded company information and financial assets.
As the adage goes . . . “Prevention is better than Cure”. Once the hackers have gotten entry to the information and data, it only becomes a question of figuring out what caused the breach and how to minimize the impact. So, it is imperative for organizations to take the necessary measure to protect their applications and IT infrastructure. Application Security must be a continuous proactive process. Every organization must ensure they’re protecting the three important domains it impacts. Pre-production/ QA / Testing environment . . . the traditional point where security assessments are conducted before applications are rolled into production. This area involves both static and dynamic testing.Production environment . . . this is where the most sensitive data resides and as the application is rolled into production, it is subject to a continuous volley of new threats and a fast moving risk vector. Data Center, Service Provider, Cloud environment are good examples where new vulnerabilities can be a serious threat to the application security.This environment must be protected from costly breaches. This is where the WAF’s and tight access management policy control come into play.Supply Chain and Partner Networks . . . Practically all organizations have various partners connecting into their web services and applications. One vulnerability in a partner web application, web services is all it takes - to propagate into the vendor network and cause a new level of breach. This becomes an important domain to safeguard for enterprises. Time: 10:15 AM - 11:15 AMRefreshments will be provided.
SecureWorld 2013: ISSA Chapter Meeting 0.00