Application Security Is in the News Again
The importance of secure software to organizations becomes clearer each year. Web-facing software that manages sensitive data is an attractive target for malicious hackers. It can provide a pathway to data, including personally identifiable information (PII) that can be used for identity theft, personal health information (PHI) that can be leveraged for insurance fraud, financial data that can allow securities fraud, and intellectual property and trade secrets valued by competitors and nation-states.
The attacks take several forms. Criminals can take advantage of vulnerabilities in popular open-source projects to gain access to systems. This was the attack vector in the 2017 breach at the consumer credit reporting agency Equifax that exposed personal data of 143 million consumers. Similar vulnerabilities in commercial software offer similar access.
No organization is “under the radar” for criminals. Supply chain security is necessary in today’s interconnected world. A weakness in a vendor’s or partner’s security profile can introduce risk to its customers...Read More!
