Application Security: The Turning Point?

14.11.2008
I wanted very much to write a column about how we've reached a turning point regarding application security.

It wasn't that I thought one particular cataclysmic event has changed our course for the better. Rather, it was an accumulation of smaller observations and developments:

-- Writers and bloggers like Jeremiah Grossman, Hugh Thompson, Gary McGraw (and many others) have done great work shedding light on the topic.

-- , the open Web application security project, has established chapters around the world, and its Top Ten Vulnerability list is ever more widely disseminated.

-- recently set forth a new certification covering application lifecycle security issues.

-- Both source-code analysis tools and application vulnerability scanners and services can help find flaws on either end of development and deployment. These technologies are maturing quickly.