Day 5
From OWASP
Revision as of 22:44, 5 January 2015 by Gabrielgumbs
< Back to The Application_Security_Program_Quick_Start_Guide
Key activities
- Implement compensating controls & mitigation controls
- Remediation Prioritization
Compensating Controls
- Implement compensating controls to limit the likelihood of successful attacks; for example, deploy web application firewalls (WAFs) that inspect all traffic flowing to the web application for common web application attacks.
Mitigating Controls
- Implement mitigating controls to discover and prevent mistakes that may lead to the introduction of vulnerabilities; for example, Control 6 of the CSIS 20 Critical Security Controls – Application Software Security. Build security into the development life cycle.
Remediation Prioritization
- Implement remediation prioritization driven by financial calculations. Compare the cost of fixing specific