Application Security

Last updated on May 25, 2020

Applications are a fundamental part of everyday business and lifestyle in the modern interconnected world. To ensure your data and information stay safe, you need to implement application security. To secure your applications first look towards your Application Programming Interface (API) (Which is how you communicate with your Application) and ensure that it is designed based on an industry standard as custom designs sometimes fail to meet security standards. If you are planning to launch a new application ensure that you run web application vulnerability scans prior to and following production launch, this will help you identify and manage risks associated with vulnerabilities. Lastly, make sure that the code used to develop the application is reviewed to meet security standards. To do this you can manually or automatically review an application's source code and search for security threats and weaknesses.

Control Objective

Application Programming Interfaces (API) developed according to industry standards
Web application vulnerability scans are performed prior to and following production launch and vulnerabilities are addressed
Code is reviewed in accordance with industry best practices

Resources

Canadian Center for Cyber Security - Patch OS and Applications Video Series

Open Web Application Security Project (OWASP) - Web Application Security Testing

Did you find what you were looking for?

The B.C. Public Service acknowledges the territories of First Nations around B.C. and is grateful to carry out our work on these lands. We acknowledge the rights, interests, priorities, and concerns of all Indigenous Peoples - First Nations, Métis, and Inuit - respecting and acknowledging their distinct cultures, histories, rights, laws, and governments.

More topics

Application Security

Control Objective

Resources