Application/System Security

Definition, Types and Best Practices

Application security is a matter of serious concern today. Security is integrated throughout the development life cycle, and it remains a focus through deployment and usage, extending across the whole lifespan of the application.

Application security is the set of practices, procedures, operations, techniques and considerations whose goal is to protect applications from malicious threats and exploitation that would cause us harm.

Application security practices reduce the odds that unauthorized parties gain access to our applications, by weeding out vulnerabilities that could let attackers gain access, steal, modify or destroy sensitive data, or disrupt functions that are of value to us.

Defensive security controls in our systems and applications are policies or practices integrated to withstand attack, respond to risks or threats, and report abnormal behavior in the application.

Defensive security controls fall into three categories, each with its own best practices:

Detective Controls

These are measures implemented to discover and alert on malicious or unauthorized activity within our system or application.

Control Measures:

  • Monitoring - automating the collection and analysis of behaviors that indicate security threats in the application or system.

  • Vulnerability management - regularly testing systems to find the vulnerabilities that exist within them.

  • Logging - a security log that tracks security-related records in chronological order.

  • Web application firewall - protects web applications by monitoring and filtering traffic moving in and out of the application.

  • Alerting - automated notifications that help us stay aware of security changes.

  • Blameless culture - making people feel safe to report vulnerabilities they find in the application.

Preventative Controls

Security mechanisms and practices which aim to deter incidents before they happen.

Control Measures:

  • Input validation and testing - validating input received by the application to ensure it conforms to predefined standards.

  • Using good-quality third-party components, so that the software you build is made of quality materials.

  • Configuration hardening - configuring systems with security in mind to prevent simple attacks that could harm applications or end users.

  • Web application firewall - prevents common attacks by inspecting access requests arriving at our servers and deciding whether to accept them, based on regular expressions and usage patterns.

  • Trust-but-verify design approach - to eliminate data breaches and improve confidentiality.

  • Threat assessment - identifying and evaluating potential threats and analyzing their likelihood in relation to the application.

  • Encryption - making data unreadable so that unauthorized users cannot access it.

  • User access control / principle of least privilege - granting users access ONLY to the information they need.

  • Multi-factor authentication - strengthening authentication and further verifying the identity of users.

  • Periodic system/application updates and patching.
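As an added example (not from the original article or from Safestack), the Python below wires two of the controls described above together: input validation against a predefined pattern (preventative) feeding a chronological security log and a per-source alerting threshold (detective). The username rule, the alert threshold and the request traffic are all constructed for illustration.

```python
import re
import time
from collections import Counter

# Preventative control: the predefined standard for one input field (assumed rule).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,32}")
ALERT_THRESHOLD = 3  # constructed: rejections from one source before an alert fires

def validate_username(value: str) -> bool:
    """Accept only values that fully match the predefined pattern."""
    return USERNAME_RE.fullmatch(value) is not None

class SecurityLog:
    """Detective control: security-related records kept in chronological order."""
    def __init__(self):
        self.entries = []
    def record(self, source: str, event: str, detail: str) -> None:
        self.entries.append({"ts": time.time(), "source": source,
                             "event": event, "detail": detail})

class Alerter:
    """Detective control: notify when one source keeps sending rejected input."""
    def __init__(self, log: SecurityLog, threshold: int = ALERT_THRESHOLD):
        self.log, self.threshold = log, threshold
        self.rejections = Counter()
        self.alerts = []  # sources that have triggered an alert
    def note_rejection(self, source: str) -> None:
        self.rejections[source] += 1
        if self.rejections[source] == self.threshold:  # alert once per source
            self.alerts.append(source)
            self.log.record(source, "ALERT", f"{self.threshold} rejected inputs")

def handle_request(source: str, username: str, log: SecurityLog, alerter: Alerter) -> bool:
    """Validate first (prevent); log and count the outcome (detect)."""
    if validate_username(username):
        log.record(source, "ACCEPT", username)
        return True
    log.record(source, "REJECT", repr(username))  # repr keeps the record on one line
    alerter.note_rejection(source)
    return False

def run_demo():
    """Constructed traffic: one well-behaved client and one sending bad input."""
    log = SecurityLog()
    alerter = Alerter(log)
    requests = [("10.0.0.5", "alice"), ("10.0.0.9", "ab"), ("10.0.0.5", "bob_2"),
                ("10.0.0.9", "bob@host"), ("10.0.0.9", "x" * 40), ("10.0.0.9", "carol")]
    results = [handle_request(src, name, log, alerter) for src, name in requests]
    return results, log, alerter
```

Running `run_demo()` accepts the three conforming names, rejects the other three, and raises one alert for the source that sent all of the rejected input, with the alert recorded in the log right after the third rejection.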

Responsive Controls

A control or process designed to respond to identified or detected threats, to reduce risk, minimize impact or return operations to normal. It is like having an escape plan.

Control Measures:

  • Incident response planning - planning ahead for when a security incident occurs.

  • Bug bounty programs - to discover vulnerabilities in our systems.

  • Post-incident reviews and retrospectives - these let us learn from an incident and find ways to improve our practices.

Application/system security involves balancing a number of controls to reduce risk. Our data, people and systems should be protected through prevention, detection and response. Control measures evolve alongside technology and the threat landscape, so it is our duty to be aware of these trends and keep an eye out for novel ideas.

Inspiration credit: Safestack.io