The security industry is constantly morphing to address new threats and needs, which is why we find it so important to stay up to date. Below is an industry news roundup from November.
Vulnerable web applications have become the weakest link in major breaches. Yet, most organizations have still not implemented any type of application security to protect them. “As many companies still believe that their websites do not deserve more sophisticated protection than automated vulnerability scanning and a WAF, attackers will probably get in within a couple of hours or even quicker.”
Company web applications are the most vulnerable point of exposure. The problem with web application breaches is that they are extremely hard to detect. “That’s a problem, because once attackers get in, they lurk undetected on networks for an average of 205 days, according to the 2015 Verizon Data Breach Investigations Report.”
Executives want more participation from board members, chairpersons and CEOs to prepare for data breaches. With the increase in web application breaches, it is more important than ever to have application developers at the front and center of your security management. “By including developers in decision-making conversations, businesses can communicate their concerns directly to the people creating and executing code, those who are responsible for the first piece of application security.”