Even as more than 80% of cyber attacks target the application layer, a lot of businesses primarily invest in infrastructure and access protection. Three initiatives must be carried out in order to effectively tighten application security. First, focus on a secure development process. Second, a liberal use of constant testing, whether during the development, integration or production phase. And lastly, a secured deployment within an adequate infrastructure.
Realistically, these initiatives aren’t easy to carry out : applications number in the hundreds and are notoriously diverse, new development methods demand tougher constraints in regards to testing schedules, and costs need to be kept under control. And on top of it all, the security test requirement for major releases of sensitive applications calls for sizeable internal security teams with adequate tools and/or a contractor able to deliver a high quality “industrial” service.
The following speakers will explain you how to overcome these challenges : Jean-Paul Joanany, CISO at Generali, Yves Le Floch, development chief of cybersecurity at Sogeti and Claudio Merloni, Software Security Solutions Architect at HP Enterprise Security Products.
Meeting scheduled on Tuesday, October 20th 2015 from 8.30am to 10am at Cercle mixte du Quartier des Célestins (18 Boulevard Henri IV – 75004 Paris).
Download documents : Slides – HP_BestPracticeApproach.pdf