Application Security

Welcome to the Application Security topic!

In this topic you may collaborate with your peers by participating in discussions, adding links and documents, and starting or contributing to wikis.

This Topic Has:
386 Members
0 Online
6942 Visits

Discussions: 14 total

Hi everyone. Does anyone know if there is a framework for auditing applications that contains the minimum controls that should be audited in software? Thanks!
jorgeagomez | 9/6/2016 2:07:16 AM | COMMENTS(1)
In case anyone has not seen the SANS CIS Critical Security Controls poster and related information, I just wanted to share this resource: https://www.sans.org/critical-security-controls/controls. Enjoy!
Angela712 | 5/24/2016 9:51:42 AM | COMMENTS(1)
Can anyone recommend suitable freeware application vulnerability assessment tools which can be used to assess applications such as accounting software?
AbrahamNyirongo | 3/11/2016 5:26:59 AM | COMMENTS(15)
Hi Everyone, ISACA Ireland are now starting to plan for the 2015 conference and are keen to encourage knowledge center members to submit a speaker proposal for consideration. I hope no one minds me posting the below details of the call for papers and loo...
Neil_Curran | 6/17/2015 3:34:19 AM | COMMENTS(1)
Hello, is anybody aware of any existing reference that is providing an updated overview of the current international standards on the Application Security topic? Thanks in advance
Gioffry | 2/27/2015 7:37:27 AM | COMMENTS(3)
If anyone has executed application security assessment for a web application hosted on a public cloud environment like Amazon cloud etc, please do share your experience. Which tools are most recommended? What are the specific challenges over traditional v...
SKA | 10/19/2014 8:33:27 AM | COMMENTS(2)

Documents & Publications: 6 total

Books
Posted by ISACA 844 days ago
Books
Posted by ISACA 1171 days ago
Research
Posted by ISACA 1278 days ago

Events & Online Learning: 2 total

21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM, the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 20 total

Volume 3, 2017
by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
What are threats associated with the use of the Internet of Things (IoT) and what approach should one have in implementing security for IoT?
Volume 3, 2017
by Sakthivel Rajendran, CISA, CRISC, CISM, CEH, GMOB
In today’s age of bring your own device (BYOD), the smartphone is one of the preferred mobile devices to access enterprise information.
Volume 3, 2017
by Sivarama Subramanian, CISA, and Balaji Swaminathan M., CISA, CISSP
During the Internet of Things (IoT) Village held at the DEF CON security conference in August 2016, 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers were disclosed.
Volume 4, 2016
by Mohammed J. Khan, CISA, CRISC, CIPM
It is imperative that IT auditors work with all teams within the organization responsible for the development of mobile apps—business, IT development, IT security, legal and compliance.
Volume 4, 2016
by Larry G. Wlosinski, CISA, CISM, CRISC, CAP, CBCP, CCSP, CDP, CISSP, ITIL v3
This article discusses the actors, threats, vulnerabilities and risk associated with mobile computing devices and highlights the pervasiveness of security and privacy problems and issues.
Volume 2, 2016
by Shubhamangala B. R. and Snehanshu Saha, Ph.D.
Why are breaches continuing despite deploying cutting-edge solutions supported by compliance to thwart the attacks?

Wikis: 2 total

Blog Posts: 14 total

Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
The perception of time passing is a funny thing. It only seems like yesterday that I was still a child and the summer holiday seemed to last a lifetime. And now, here I am somewhat surprised that my complement of fingers and toes are no longer enough to c...
Posted By : martin.oneal | 0 comments
During an audit you may find that shell scripts are used to connect to your Oracle database (these are often scheduled jobs). In many instances this represents a security risk as the Oracle database password is hardcoded into the script. This means th...
Posted By : Ian Cooke | 1 comments
A recent publication in a local newspaper, indicated that an employee was charged with fraud with regards to claims of insurance payments that were lodged with the company were paid out to people who were not entitled to receive such payments. What potent...
Posted By : Paulina.PNI | 2 comments
13 Nov 2014
Posted By : masarker | 4 comments
On March 1st, I was invited to speak at the CampIT conference on Enterprise Risk/Security Management at Rosemont Convention Center. Before me there were two speakers. The first presenter spent an hour presenting the story from the trenches of technolog...
Posted By : appolloconsulting | 2 comments