Security 101 for Web 2.0

As the threat landscape continues to shift toward financially motivated attacks directed at applications at large enterprises, building security into apps has never been more important. One of the criticisms of AJAX, used to increase and speed site interactivity, is that it could also be used to amplify attacks against outward facing Web apps particularly against providers of Software as a Service.

“Poor application development and a lack of integrating security best practices and tools into the SDLC [software development lifecycle] is one of the biggest security issues for Web 2.0,” says Gartner security analyst Amrit Williams. “Hackers are going after the application layer and businesses are externalizing more internally developed or outsourced applications.” Enterprise Systems |

Linked by shanmuga Tuesday, 18th July 2006 2:50AM