"Beyond Testing: The Human Element of Application Security"
According to Veracode's recent State of Software Security (SOSS) report, an analysis of results from more than 700,000 application scans revealed that 83 percent of the applications contained one or more vulnerabilities. These results call for improving application security with human solutions. For an application security program to be effective, the role of the human in the security process must be enhanced. Experts have recommended that developers receive training on secure coding. In addition, organizations are encouraged to establish bug bounty programs and strong vulnerability disclosure policies so that outside security researchers can find vulnerabilities in their software and properly disclose the security risks they have discovered. This article continues to discuss the importance of improving application security, secure code training, vulnerability disclosure policies, and bug bounty programs.
Security Boulevard reports "Beyond Testing: The Human Element of Application Security"