CHAPTER 7

image

Integrating Compliance with Web Application Security

Compliance with regulations and industry standards is a strong motivator in today’s IT security world. Regulatory standards deal mostly with financial reporting, privacy, and IT security for the protection of critical assets. Industry standards for corporate IT security are created as trusted benchmarks that corporate executives can rely upon as reasonable goals. Guidelines are less formal and just suggestions.

Compliance specifically means following the rules or control points within the applicable regulation or standard. It often falls into the security domain and therefore into ...

Get The Manager’s Guide to Web Application Security: A Concise Guide to the Weaker Side of the Web now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.