Information Security Criticality Testing and Remediation

Abstract

Application security has turned into an essential piece of Information security, it is never again discretionary. Now a days organizations have welcome building up their own application, so as the information related with the application expands, security has turned into the significant worry for application security. The Application Security helps you secure applications throughout the development and maintenance of the code. Securing Applications helps you to secure the code from vulnerabilities. Now a days, attacker perform Heart-bleed, SQL injection, Cross site scripting, Cross Site Request Forgery, and many other attacks on the application, which causes a loss of sensitive data of that application. For protecting this kind of sensitive information source code review should be done. Source code review is a process to identify and remove security risks of the applications which contains sensitive information related to company. When developer develops an application, who don’t have knowledge of how to code securely then this will create a big security hole for the application and attacker can take advantage of this security weakness. Some of the attacks are considers false negatives which your system cannot Identify. These are the most dangerous attacks nowadays. This can result in to big damage to the company and its reputation. So the idea is to develop the system which will help the AppSec team to for reducing their daily manual work and protect the application from the attackers. So I am developing the web Portal for the Application security team which will reduce the manual work for the Bug Bounty program, where external researcher can report the vulnerabilities which they have found during their research work.