The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Practical Web Application Security Audit Following Industry Standards and Compliance
Abstract
A rapidly changing face of internet threat landscape has posed remarkable challenges for security professionals to thwart their IT infrastructure by applying advanced defensive techniques, policies, and procedures. Today, nearly 80% of total applications are web-based and externally accessible depending on the organization policies. In many cases, number of security issues discovered not only depends on the system configuration but also the application space. Rationalizing security functions into the application is a common practice but assessing their level of resiliency requires structured and systematic approach to test the application against all possible threats before and after deployment. The application security assessment process and tools presented here are mainly focused and mapped with industry standards and compliance including PCI-DSS, ISO27001, GLBA, FISMA, SOX, and HIPAA, in order to assist the regulatory requirements. Additionally, to retain a defensive architecture, web application firewalls have been discussed and a map between well-established application security standards (WASC, SANS, OWASP) is prepared to represent a broad view of threat classification.
Related Content
|
Chaymaâ Boutahiri, Ayoub Nouaiti, Aziz Bouazi, Abdallah Marhraoui Hsaini.
© 2024.
14 pages.
|
|
Imane Cheikh, Khaoula Oulidi Omali, Mohammed Nabil Kabbaj, Mohammed Benbrahim.
© 2024.
30 pages.
|
|
Tahiri Omar, Herrou Brahim, Sekkat Souhail, Khadiri Hassan.
© 2024.
19 pages.
|
|
Sekkat Souhail, Ibtissam El Hassani, Anass Cherrafi.
© 2024.
14 pages.
|
|
Meryeme Bououchma, Brahim Herrou.
© 2024.
14 pages.
|
|
Touria Jdid, Idriss Chana, Aziz Bouazi, Mohammed Nabil Kabbaj, Mohammed Benbrahim.
© 2024.
16 pages.
|
|
Houda Bentarki, Abdelkader Makhoute, Tőkési Karoly.
© 2024.
10 pages.
|
|
|