Application security encompasses many steps taken to boost the overall security, typically by preventing, detecting, and fixing potential security vulnerabilities. The process of applying these steps requires the development of program-security policies that dictate what type of activities programmers are permitted and what they must avoid doing. Often, many applications are written with source code that may contain security issues that go unnoticed by programmers and security testers. These issues can result in the execution of unauthorized code, data theft, or system downtime. Programs with security vulnerabilities run the risk of both these problems and also losing data if they are compromised. For this reason, it is so important to apply effective application security techniques throughout the entire lifecycle of any program.
Among the most important areas of application security to keep in mind is how web application vendors deal with “CSI” (Content Security Integration). This standard was originally designed to help developers apply sensible rules to their incoming traffic, which enforces controls on what types of information should be allowed on each page of a website.
