Imagine a thief skulking around a mall parking lot. While that thief could go through the trouble of risk of detection by breaking windows to steal from some cars, he’s probably going to simply move from car to car checking for open doors. And more likely than not, at least a few of those car owners will have kindly left their doors unlocked. Guess which cars in this scenario are most likely to be hit?
You can think of web application security in the same way. Defend against the most convenient break-in methods used by hackers and you’re likely to avoid most types of break-ins.
So how do organizations go about the process of locking the proverbial doors on their Web apps?
In this white paper, Cenzic, a leader of web application security, describes the ABC’s of application security not as a checklist, but as a continuous protection cycle.