Businesses increasingly rely on web and other internet-connected applications to offer improved services to their customers and provide information processing efficiencies internally. Many businesses have unique requirements that cannot be met by commercial applications and thus develop these applications themselves. In-house development teams often build applications under time and resource pressures, with a focus on delivering features. Security has traditionally been left to the networking teams in the business.

Today, with the proliferation of internet-connected applications, the focus of attackers has moved from the network to the applications themselves. More than 80% of attacks perpetrated today are against applications. Applications find themselves in an increasingly hostile environment.

Furthermore, development teams are often large and distributed. Applications are regularly updated to fix bugs, implement additional features and stay up to date with a changing environment. In order to predictably and repeatedly address application security vulnerabilities in this dynamic environment, application security must be made part of the software development life cycle (SDLC). It should be a thread that is woven through the SDLC, touching each phase in the process. Building security into applications must be part of a disciplined application development methodology.

In partnership with SensePost, ThinkSmart's "Building security in" training course is a one-day, detailed review of the practice of building secure applications, from the governance drivers for application security to practical examples of how to defend against common vulnerabilities.

Application security can be daunting but through the experience of others and great online resources, help is at hand. We will show you how to implement an application security strategy that both addresses your immediate needs and has a lasting effect.

Please see our Training Schedule, or Contact Us to book your place.