Integrity is one of the core security principles of Information Security and refers to the prevention of unauthorised malicious or accidental modification or deletion of information and system resources. This may also mean that: Modification to the data cannot be made by unauthorised users or processes. Unauthorised modifications to the data cannot be made by [...]

Tags: Application Security Assurance, Information Security, Integrity

Confidentiality is one of the core principles of Information Security and refers to the prevention of intentional and unintentional unauthorised disclosure of sensitive and confidential information. In other words, it is the process of making sure that the information is only available to authorised personnel or processes. Sensitive and confidential information may include personal customer [...]

Tags: Application Security Assurance, Confidentiality, Information Security

Achieving application security is easier said than done. Bolting security on top after the application has gone into production is not only ineffective, but is also cost prohibitive. Without setting meaningful application security goals in the beginning, security can only be achieved haphazardly, therefore providing only false sense of security, if at all. The best [...]

Tags: Application Security Assurance, Application Security Program Development, Secure SDLC

Businesses may have many reasons not to think hard about web application security or it may sometimes be difficult to justify the cost when it comes to protecting a web application which is working just fine. Although it may not be an exhaustive list, below we have come up with some reasons why businesses should [...]

Tags: Web Application Security