CLOUD APPLICATION SECURITY CAN be a neglected part of cloud security. Often, security focuses only on the controls associated with identity and access management (IAM), networking, servers, and other infrastructure components. But if the application software running on these components is insecure, then the entire enterprise is insecure. This chapter will discuss the processes needed to secure the software through the application development lifecycle.

ADVOCATE TRAINING AND AWARENESS FOR APPLICATION SECURITY

Secure software development begins with the development of a culture of security and the implementation of a secure software development lifecycle (SSDLC). Without an appropriate SSDLC, the development ...