Web application security

Originally published in Allstream Mindshift

It has the makings of a perfect storm

Today’s hackers are putting ego behind them as they use the promise of profit to drive their illicit Net activity.

New regulations and industry practices mandate full dis-closure whenever personal or sensitive information is leaked.

Meanwhile, you design web applications like e-commerce or transaction-based systems so unknown users can freely access them. However, your traditional security measures, like firewalls and anti-intrusion detection systems don’t protect web applications that are meant to be open.


You’re not alone in your vulnerability. Analyst firm Gartner Group estimates that 75 percent of attacks now target web applications.

That’s because hackers know where the weak links tend to be. Watchfire research states that 90 percent of web sites are vulnerable in some way.

The damage hackers can do isn’t limited to physical assets. Customer trust, partner goodwill, approval from privacy agencies – your firm stands to lose all these and more by falling prey to just one attack.

The stakes have never been higher. It’s time to effectively protect your business data, your business itself and your customers.

To start, focus on the three areas that will pay maximum dividends: people, process and technology.

People who develop and deploy web applications must understand both secure design principles and potential security threats. When they make security testing a part of the development process, they can apply their knowledge at each step of development, rather than rush and troubleshoot after the fact. On the technologyfront, automated web application security tools examine vulnerabilities across large, diverse environments.

Now, Allstream and Watchfire have teamed up to deliver Allstream’s Web Application Security Portfolio.

This comprehensive set of online risk management software and services is based on the same Watchfire audit and report offerings used by over 500 enterprises and government agencies to keep their online affairs in order.

Watchfire’s impressive track record makes it, in the words of IT market analysis firm IDC, the worldwide market share leader in application vulnerability assessment software.

Allstream adds several valuable assets of its own, including extensive security solution experience and depth of security knowledge across all private and public sector verticals. Allstream tests applications both at launch and over time. Security audits check applications against 32 sets of compliance regulations, including Sarbanes-Oxley, HIPAA and PIPEDA.

The storm may be on the horizon. Consider the Allstream Web Application Security Portfolio the protection your business needs to make it through.

Leave a Reply