In April 2011, Forrester Research released a new study on application security titled "Application Security: 2011 & Beyond", led by Dr Chenxi Wang, Lead Analyst at Forrester Research, that provides valuable research, insights and recommendations for security and risk professionals.
The report observes that sufficient resource allocation to address application security remains a significant issue for businesses, even though secure application development is considered a top priority by IT professionals and web application hacking continues to be the number one source of data breach incidents.
There are several great recommendations in the paper which provide cost-effective and incremental steps towards better application security. They include demanding better quality and security from vendors, acceptance testing for third-party software, disabling unused default accounts, building a secure operational environment around the application, and effective bug reporting and handling.
Additionally, one of the key recommendations identified in the paper is to implement a secure application development program, such as Microsoft's Security Development Lifecycle. Take a look to see the latest information and tools that Microsoft makes freely available.
[Source: SDL Team]