Application Security

"Organizations must have a clear direction on how to plan, develop and sustain best practices of building more reliable & secure applications from the beginning of the cycle." - Gartner

Perimeter Security Includes Web Application Source Code

Your Web application source code is part of your perimeter security. As organizations have worked to secure their networks and platforms, a new focus must be directed at the flaws within their Web applications. The Open Web Application Security Project (OWASP) maintains a consensus list of the most critical Web application security flaws, including:
  • Cross Site Scripting (XSS)
  • Injection Flaws
  • Malicious File Execution
  • Insecure Direct Object Reference
  • Cross Site Request Forgery (CSRF)
  • Information Leakage and Improper Error Handling
  • Broken Authentication and Session Management
  • Insecure Cryptographic Storage
  • Insecure Communications
  • Failure to Restrict URL Access
Halock's Secure Application Services Group focuses entirely on securing data assets at the source. Service offerings are categorized as either assessment or remediation.

Assessment and Compliance Services
Remediation & Secure Development
(see VW Credit Case Study)
 

On-Demand Vulnerability Scanning:

Allows for unlimited scanning of Internet IP addresses to enable ongoing compliance with the PCI quarterly vulnerability scanning requirement. Online filing allows for automatic notification to the acquiring bank once compliance is achieved.

PCI Compliance Management Portal:

An online portal designed to facilitate PCI compliance efforts and to assist in managing all work related to achieving PCI compliance. The portal includes PCI-related news articles with expert analysis, a comprehensive PCI knowledgebase, downloadable tools and templates, and more.