SearchFinancialSecurity: The need for financial Web application security

The current lead story on is my contribution Why financials must implement Web application security best practices.
This is a follow up piece, a summary if you will, on my Online Finance Flaws campaign, kindly solicited by TechTarget to drive home the point: Is there any one sector more than financial services who must take a stronger stance with regard to Web application security?
Answer: Not that I can think of.
Security hits to financial-services firms have far reaching impacts beyond individual victims, including economic implications that can contribute to global economic malaise.
This article offers examples of flaws noted in major financial-services websites, data from OWASP's Security Spending Benchmarks Project Report as well as best practices guidance derived from security development lifecycle (SDL) methodology.
I invite you to read the article at your earliest convenience.
As always, feedback is welcome. | digg | Submit to Slashdot

Please support the Open Security Foundation (OSVDB)


Raf said…
Catching up on your articles from the comfort of my hospital room... another great post buddy.
ALL manner of financial institutions are the the high-value targets for today's hackers and evil-doers... given how much damage a financial crisis can inflict globally it continues to amaze me how the requirement for security is absolutely downplayed.

Oh well... money in a coffee can, anyone?

Popular posts from this blog

Toolsmith Tidbit: XssPy

Toolsmith In-depth Analysis: motionEyeOS for Security Makers

Toolsmith Release Advisory: Malware Information Sharing Platform (MISP) 2.4.52