Prab: CSV import

2025-03-17T04:46:46Z

CSV import

← Older revision		Revision as of 04:46, 17 March 2025
Line 38:		Line 38:
	{{computer-security-stub}}		{{computer-security-stub}}
	{{No image}}		{{No image}}
			__NOINDEX__

Prab: CSV import

2025-02-10T06:57:35Z

CSV import

← Older revision		Revision as of 06:57, 10 February 2025
Line 37:		Line 37:

	{{computer-security-stub}}		{{computer-security-stub}}
			{{No image}}

Prab: CSV import

2024-02-28T19:38:15Z

CSV import

New page

'''Application security‏‎''' refers to the measures and countermeasures taken during the [[Application Development|development]] process to protect applications from threats that can come through flaws in the application design, development, deployment, upgrade, or maintenance. Some of these threats include unauthorized access, code injection, data breaches, and denial of service attacks.

==Overview==
Application security‏‎ encompasses measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities. Different techniques are used to surface such security vulnerabilities at different stages of an applications lifecycle such as design, development, deployment, upgrade, maintenance.

==Types of Application Security==
There are several types of application security‏‎, including:

* '''[[Authentication]]''': This is the process of verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.

* '''[[Authorization]]''': This is the process of giving someone permission to do or have something. In multi-user computer systems, a system administrator defines for the system which users are allowed access to the system and what privileges of use.

* '''[[Encryption]]''': This is the method by which information is converted into secret code that hides the information's true meaning. The science of encrypting and decrypting information is called cryptography.

* '''[[Firewalls]]''': A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

* '''[[Antivirus software]]''': This is a program or set of programs that are designed to prevent, search for, detect, and remove software viruses, and other malicious software like worms, trojans, adware, and more.

==Application Security Testing==
Application security testing is a critical component of application security and the wider field of [[Cybersecurity]]. It can be performed using a variety of methods, including:

* '''[[Static application security testing (SAST)]]''': This is a set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities. SAST solutions analyze an application from the “inside out” in a nonrunning state.

* '''[[Dynamic application security testing (DAST)]]''': This is a process of testing an application or software product in an operating state. This kind of testing is helpful for industry-standard compliance and general security protections for evolving projects.

* '''[[Interactive application security testing (IAST)]]''': This technology is able to observe the application behavior in real-time to identify vulnerabilities. It’s basically a combination of SAST and DAST methods.

==See Also==
* [[Computer security]]
* [[Information security]]
* [[Network security]]
* [[Internet security]]

[[Category:Computer Security]]
[[Category:Software Development]]
[[Category:Cybersecurity]]

{{computer-security-stub}}

Application security - Revision history

Prab: CSV import

Prab: CSV import

Prab: CSV import