Why Legacy Security systems fail - Take 1
Why 'Take 1'?? Because I expect I will use this title a few more times. I recently spoke at the Government National Security Conference on the topic of why organisations that spend £millions - sometimes ten's of millions - on network security still regularly appear in the media over avoidable data theft attacks.
Interesting reading this morning from Phil Muncaster about a Chinese Cyber Crime Gang suspected of making over £30 million because they were able to hack applications and make changes to government databases. It is alarmingly simple to attack web-based applications when only
Learn more about the many attacks invisible to legacy network security (Firewalls) from OWASP - the Open Web Application Security Project:
- Top 10 Application Attacks - here
- Downloadable Virtual Machine, WebGoat that teaches you how to hack web applications
Application Security focuses on the communication within the encrypted connection between the consumer/customer and the Application itself. This is where most data theft attack attempts take place and, conversely, is often overlooked in favour of heavy spend on e.g. network firewalling.
Published Jul 31, 2012
Version 1.0