Securing Applications Using SaaS

"Software as a Service is dramatically improving the speed, efficiency, and effectiveness of application security initiatives around the globe.

Application security is one of the fastest growing disciplines within IT security, as the majority of attacks have migrated from the network layer to the application layer.
 
• Gartner suggests that 75% of breaches are due to flaws in software
• The USAF saw attacks directed at their applications rise from 2% of all attacks to 33% in just two years

Effectively countering this threat requires increased investing in training security experts and developers, rolling out new processes, and successfully leveraging available technology. The playing field includes software that is built in house, that which is outsourced, software purchased from commercial vendors, and that which is licensed from the open source community. Simply inventorying all of a company’s software can be daunting, let alone prioritizing it, assessing it, and actually fixing it. Securing software requires a disciplined and focused approach which involves baselining applications, prioritizing risk, developing a security gate, embedding security into the development team, and putting in place a high level management plan.

Given the magnitude of this endeavor, it is critical to utilize the most effective and efficient technology available. Part of this involves using products in house, during development, and another part includes the use of saas offerings. How to effectively leverage saas is not immediately intuitive.