Application Security

Welcome to the Application Security topic!

In this topic you may collaborate with your peers by participating in discussions, adding links and documents, and starting or contributing to wikis.

This Topic Has:
414 Members
0 Online
7262 Visits

Discussions: 17 total

Can you share which tool(s) you use for application security testing (for static, i.e. SAST, dynamic, i.e. DAST, etc.) and how they perform?
Dragan Pleskonjic | 1/19/2018 7:09:58 AM | COMMENTS(5)
A new book titled "Cybersecurity: Hacking, the Dark Web and You" is being released soon. See the links below. I wanted to share this information in case you're interested. https://view.email.fortune.com/?qs=ee9ffdefc23f39399acfc8f20920d4c42a77bd2b4622aa...
Angela712 | 1/13/2018 4:08:37 PM | COMMENTS(0)
A comprehensive evaluation of “the six (SCA) providers that matter most and how they stack up,” The Forrester Wave™: Software Composition Analysis, Q1 2017 assesses the current state of the software composition analysis market and provides in-depth an...
Dragan Pleskonjic | 12/25/2017 10:35:32 AM | COMMENTS(4)
Hi everyone. Does anyone know if there exists a framework for auditing applications that contains the minimum controls that should be audited in software? Thanks!
jorgeagomez | 9/6/2016 2:07:16 AM | COMMENTS(1)
In case anyone has not seen the SANS CIS Critical Security Controls poster and related information, I just wanted to share this resource: https://www.sans.org/critical-security-controls/controls. Enjoy!
Angela712 | 5/24/2016 9:51:42 AM | COMMENTS(1)
Can anyone recommend suitable freeware application vulnerability assessment tools which can be used to assess applications such as accounting software?
AbrahamNyirongo | 3/11/2016 5:26:59 AM | COMMENTS(15)

Documents & Publications: 6 total

Books
Posted by ISACA 1116 days ago
Books
Posted by ISACA 1443 days ago
Research
Posted by ISACA 1551 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 23 total

Volume 1, 2018
by Aditya K. Sood, Ph.D., and Rehan Jalil
With the robust requirements listed by upcoming regulations, such as GDPR, the importance of a cloud app security solution cannot be ignored.
Volume 1, 2018
by Kiran Maraju, CEH, CISSP
The use of artificial intelligence (AI) in cyber security will help organizations enhance existing application security capabilities.
Volume 5, 2017
by Michael Werneburg, CIA, PMP
Service organizations with a bespoke application in a regulated industry have special challenges in addressing application vulnerabilities.
Volume 3, 2017
by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
What are threats associated with the use of the Internet of Things (IoT) and what approach should one have in implementing security for IoT?
Volume 3, 2017
by Sakthivel Rajendran, CISA, CRISC, CISM, CEH, GMOB
In today’s age of bring your own device (BYOD), the smartphone is one of the preferred mobile devices to access enterprise information.
Volume 3, 2017
by Sivarama Subramanian, CISA, and Balaji Swaminathan M., CISA, CISSP
During the Internet of Things (IoT) Village held at the DEF CON security conference in August 2016, 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers were disclosed.

Wikis: 2 total

Blog Posts: 17 total

Have you experienced a ransomware attack so far and, if yes, what did you do to resolve it? I set up a Twitter poll here: https://twitter.com/DPleskonjic/status/953608717399941120 It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 2 comments
Information security and privacy is a hot issue at the present time. The number of security breaches is rapidly increasing. In case of late detection, costs of breaches are skyrocketing. At the same time, Artificial Intelligence (AI), Machine Learning (ML) are fast...
Posted By : Dragan Pleskonjic | 0 comments
My previous blog, under the name "Dragan on Security", was at the location: http://conwex.info/blog/. It was active from August 28, 2005 to October 3, 2012. By the beginning of 2017 it was moved to a new location, http://www.dragan-pleskonjic.com/blog/. With possibility to...
Posted By : Dragan Pleskonjic | 0 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
The perception of time passing is a funny thing. It only seems like yesterday that I was still a child and the summer holiday seemed to last a lifetime. And now, here I am somewhat surprised that my complement of fingers and toes are no longer enough to c...
Posted By : martin.oneal | 0 comments
During an audit you may find that shell scripts are used to connect to your Oracle database (these are often scheduled jobs). In many instances this represents a security risk as the Oracle database password is hardcoded into the script. This means th...
Posted By : Ian Cooke | 1 comments