Web security is at the top of customers’ minds after many well-publicized personal data breaches, but the people who actually build Web applications aren’t paying much attention to security, experts say. They’re totally ignoring it,” says IT consultant Joel Snyder. “When you go to your Web site design team, what you’re looking for is people who are creative and able to build these interesting Web sites… That’s No. 1, and No. 9 on the list would be that it’s a secure Web site.
” The biggest problem is designers aren’t building walls within Web applications to partition and validate data moving between parts of the system, he says. Security is usually something that’s considered after a site is built rather than before it is designed, agrees Khalid Kark, senior analyst at Forrester. “I’d say the majority of Web sites are hackable,” Kark says. “The crux of the problem is security isn’t thought of at the time of creating the application.” The top 10 reasons Web sites get hacked - Network World
From around the Web
- Windows Vista Service Pack 2 Latest Release Schedule
- Vista SP2: What is inside?
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- Google Wants to Preinstall Chrome Browser on PCs
- Mozilla warns of Firefox China add on
- Firefox No Longer an Automatic Defense Against Browser Drive Bys
- Google patches Chrome file stealing bug
- Apple plays catch up, adds anti fraud safeguard to Safari
- Researchers find vulnerability in Windows Vista
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Windows 7 UAC could be less of a nag