This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Jul 03, 2019
Web application security has become a critical issue for organizations of all sizes, and yet security organizations today are often understaffed for the job they're assigned to do. That's partly because there has been an explosion of web applications. In the past, an organization might need to scan its top five enterprise applications for vulnerabilities. Now organizations need to understand risk profiles for dozens, hundreds, or thousands of applications in production.
With the increase in the number of applications, a tremendous number of vulnerabilities are going unmitigated or unremediated, simply because there are more vulnerabilities than any organization has the time or staff to fix. And while the number of applications to manage has grown, the size of the security staff has not.
This paper describes such a risk-based approach, which can lead to better strategic decisions and enhance the ability of security organizations to succeed in their mission of securing web applications.