Application Security: Tools for Getting Management Support and Funding

by John Pescatore
Sept. 1, 2017 0 comments SANS Institute Pen Testing & Audits application and database security securing code

Most security professionals understand the importance of finding and eliminating application vulnerabilities. Yet, based on the rate of exploitation of vulnerable websites, it appears that web application protections have been neglected, because of underfunding or lack of focus.Exploitation of Internet-exposed applications is the leading threat to critical business data and sensitive customer information. Further, recent studies show that the major barrier to effective application security programs is the lack of management buy-in for required resources.