| Publisher | Microsoft | | |
|---|---|---|---|
| Format | HTML | Date added | 01 Jun 2003 |
| Topics | E-commerce Security, Anti-Hacking, Anti-Virus, Denial of Service, Firewalls, Intrusion Detection Systems, Network Security, Best Practices, Security Applications, Security Management, Security Standards, Security Tools, .NET | | |
| Downloads | 310 | | |

A hack-resilient application is one that reduces the likelihood of a successful attack and mitigates the extent of damage if an attack occurs. A hack-resilient application resides on a secure host (server) in a secure network and is developed using secure design and development guidelines.
Web application security must be addressed across the tiers and at multiple layers. A weakness in any tier or layer makes your application vulnerable to attack. This document uses a three-layered approach: securing the network, securing the host, and securing the application. It also presents threat modeling, a process that provides a structure and rationale for the security process and allows you to evaluate security threats and identify appropriate countermeasures. If you do not know your threats, how can you secure your system?
Related white papers
Maximising site visitors' trust using extended validation SSL
Web business faces a crisis in confidence. Trust in site security is declining, resulting in consumers scaling back on web transactions or just opting out altogether. This white paper address...
What every E-business should know about SSL security and customer trust
Fear of fraud is well founded: Gartner reports nearly 2 million Americans were victims of fraud over the internet during a recent 12-month period. Gaining the trust of online...
The Next Generation of Managed Security Services
Internet Security Systems' Managed Security Services offer the industry's only guaranteed protection solutions, enabling organizations to easily and confidently transition the protection of their network environment to a trusted security...
A Process Approach to Protecting Privileged Accounts & Meeting Regulatory Compliance
This white paper outlines a sound process-based approach in protecting critical privileged accounts that are found in virtually every application, database and infrastructure device throughout enterprises. This paper will present...
10 Reasons Why e-Commerce Fails
This whitepaper covers ten reasons why e-commerce fails, providing readers with advice on how to avoid these pitfalls. While there are a number of reasons why a business may not...
ANTI-SPAM SOLUTIONS - JANUARY 2009
IT decision-makers now have a multitude of email solutions to consider. However, regardless of whether businesses choose email appliances, software or hosted service solutions, there are highly pressing security...
EMAIL CONFIDENTIALITY AND THE LAW: A SURVEY OF U.S. LEGISLATION ON EMAIL ENCRYPTION
Whether absolutely required by some statutes or simply suggested by other laws, proper encryption of email is unavoidably something that companies handling personal, financial, or medical data must now consider...




