Last updated on April 19, 2014 at 21:20 EDT

SANS Survey on Application Security Policies in Enterprises

September 18, 2012

BETHESDA, Md., Sept. 18, 2012 /PRNewswire-USNewswire/ — With its unique access to a broad community of companies of every size and industry, SANS is conducting a 2-month survey to learn what policies are emerging among organizations with applications to protect.

“SANS is conducting this survey to understand what applications and AppSec risks these companies see as most critical to their security, where they are investing in their AppSec programs, what tools they are using and what else they are doing to manage the AppSec challenge,” says survey co-author, Jim Bird.

New application vulnerabilities and attacks unfold everyday. Meanwhile, applications are hard to monitor, full of vulnerabilities and easy to manipulate. The data gathered in this survey can help shape the industry, according to SANS Analyst executive editor, Deb Radcliff.

“Web, database, mobile and cloud applications–they’re all proving to be stealthy entry points into what should be secure networks,” Radcliff notes. “So the question becomes, how can SANS help the community implement holistic policy that covers the lifecycle of applications and melt away silos between developers, business units and security teams?”

As with all surveys, SANS needs the help of the community to share their experiences.

Please follow this link and take 10 minutes to answer the survey questions:

Help shape the future of application security practices and technologies and also enter to win a $300 American Express gift card, which will be awarded to one lucky winner!

Sponsored by NT OBJECTives, Qualys, Whitehat Security and Veracode, this survey will remain online until November 7, 2012. Results will be published at http://www.sans.org/info/113477 on December 13, 2012, during a related webcast.

To register for that webcast, follow this link:

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and by far the largest source for information security training and security certification in the world. In addition to world-class training, SANS offers certification via the ANSI accredited GIAC security certification program. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, newsletters, and it operates the Internet’s early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. www.sans.org


Source: PR Newswire