Developing Policies to Mitigate Vulnerabilities

To help ensure that security strategies are part of the development and deployment of applications, policies provide a security framework for coders and administrators to follow. A policy is a documented plan outlining the goals, procedures, and objectives that guide decisions to a desired outcome. Many technical policies are used in business, including email, internet, backup, user, and remote access policies.

A business may have policies detailing acceptable use and compliance requirements. A security policy that all companies should have is one that is aimed at all aspects of security, including web and mobile application vulnerabilities. The policy should include acceptable use, application ...

Get Internet and Web Application Security, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.