Application Security:

Application Security takes into account the measures that are taken throughout the life-cycle of the software to prevent the underlying vulnerabilities and exceptions. The applications control the use of the resources that are granted to them through application security. The principle approach based on the application security is:

1      Knowing your threats

2      Securing  the network , host and application

3      Incorporating security in software development process.

4      This approach is independent of the technology and platform.

There are two organizations that provide latest updates on the threats that impair the web based applications:

●     OWASP: Open Web Application Security Project is non-profit organization which focuses on improving the security of a software. The main aim is to make the security issues visible to the individuals as well as organizations so that they can be resolved by a unanimous effort and decisions.

●     WASC: Web Application Security Consortium is a non-profit organization developed by a group of experts, industry practitioners and organizational representatives for the purpose of imparting knowledge about the various security concerns of the applications and new advancements in this field.

One of the main features of application security is Security Testing of Applications.

Security Testing: Security Testing helps in finding the loopholes or vulnerabilities in the application that can lead to exploitation. Security testing is implemented at each step in the life cycle of the development of the software so that vulnerabilities can be found at early stages and thus addressed timely.