MOVEit Transfer Vulnerability: Lack of Supply Chain Visibility Exacerbates Breach View Post

00) Does your organisation develop any applications or systems that collect, process, or store data on behalf of clients?

August 31, 2022 Software Development Scoping

Answer yes if your organisation develops or programs any applications that are used to collect, process, or store data on behalf of clients.

Applications are a common target for cyber attack as they often offer a public facing way for attackers to access confidential information. Applications must therefore be protected. This domain of cyber security is known as Application Security.

Application security encompasses measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. Different techniques are used to surface such security vulnerabilities at different stages of an applications lifecycle such as design, development, deployment, upgrade, maintenance.

How to implement the control:

There are numerous consultancies or individual consultants that will be able to assist in crafting an application security capability within your organisation. Please message us if you would like a recommendation.

If you would like to contribute to this article or provide feedback, please email Contributors will be recognised on our contributors page.

Leave a public comment

Please do not submit your answer on the knowledge base.