I don’t care if the application is not safe, it is Friday I am in love

A month ago I opened a “one question only” survey on SurveyMonkey.

I asked “Why don’t you do any web application penetration test when you publish a new web app (or a new feature)?”

41 answers were collected after I announced the poll on LinkedIn, Facebook and Twitter.

I also asked the Italian Ruby mailing list, which is full of great Ruby specialists, startups and makers.

Let’s analyze the results

The question is slightly aimed at provoking

As you may have noticed, I am a provoker. In the end I could have asked “Do you test your application for security problems before publishing it?” to let people easily say “Yes, we conduct a lot of tests”. But in my experience (I will always be happy to be contradicted), the percentage of people who apply security tests to their web code is poor.

Sorry for being so provocative, but it is quite true that most people in small and medium businesses do not care about security (or testing in general).

People in big businesses … well, they don’t care either, but this poll was not answered by that type of player.

If everybody eventually ran security tests on their code, this blog would not be useful anymore, right?!?

Results

| Answer | Votes | Percentage |
|---|---|---|
| You are wrong. I do a web application penetration test when I publish a new web app or a new feature | 8 | 23.5 % |
| No budget. Security costs are too high for us, we are an emerging company and focus on business first | 16 | 47.1 % |
| No need. We are a great development team. Our code is strong and robust. We will not talk about any security incident. Never | 1 | 2.9 % |
| No time. We are missing our deadlines. We have no time for security tests. We are safe from the risks. We have firewalls. | 4 | 11.8 % |
| I’m not interested. Seriously, security is a word used by salesmen to sell antivirus or similar things. I don’t think my web application will be attacked by the “so-called” hackers. | 5 | 14.7 % |

Other answers

The poll also had an open answer box where people could leave their own answer if it was not listed above.

The application is not published on Windows Server and is already safe

Our directors do not care about that … sigh.

I am dealing with security from the development side (static analysis, code reviews, etc.) and I do not expect the players to lead later by the Dev team itself to improve security, but I run automatic tools that have proven to be useless over time.

I don’t have enough time and money to invest in this. Is it possible to automate them?

It is a mixture of “no time.” I know it is a vicious circle that does not pay off in the long term, well 🙂

No time. We are missing our deadlines. We have no time for security tests. We know what is five, but we consciously decide to overlook it. And we pray that no skilled attacker turns his eyes on us.

I don’t know how to perform hacking tests. But I would like to know more about them.

Looking at the survey results, I can see that a large number of people (24 %) say they do test, so on average 2 out of 10 web applications are tested.

8 out of 10 web applications are not tested for security issues, and the main reason is that people have no budget. However, how much does a good web application test cost? How much is it compared with the hidden cost of rewriting the application from scratch, or of the monkey dance after a SQL injection?

More than that, how much is it compared with the damage to your brand and all the costs related to data loss after a break-in? If you have security problems, your competitors can gain a competitive advantage over you. You will likely lose customers. Are you sure you can really afford this risk?

It is like designing a new car. You pay designers and engineers to create a great car with great design and great performance. You are building a great car for customers willing to pay a large amount of money for a good service.
But when you design the car, you do not have enough budget to implement a full stability control system in addition to ABS, so you do not implement a top solution and your car fails in the market.

Application security is your braking system. You should take care of it if you want to create a first-class product. If you do not, it may be a good product until someone (unpredictably) breaks into it, stealing customer data and making your business fail.

For people who do not care: well, they probably do not read this blog, or they do not care about IT security at all. I support people about ignoring the issue of information technology security … in the event that your work or your presence online can be dangerous.

The open answers raise two different points:

  • I am not skilled enough / I don’t have enough time to also do application security. Fine, that is why there are application security specialists you can engage to help you with security tests. As for cost concerns, ask for a quotation first, then evaluate whether the money you will save is worth the money you will lose if you are attacked successfully.
  • Automating security tests. Certainly you can. There are commercial tools out there, and soon there will be Codesake.com for your application security needs. I also strongly encourage you to do some manual work, since no tool can give 100 % coverage of your application, no matter how good it is. It is a smart idea to have an application security specialist combine tools with some manual examination.

And you? What do you think of this topic? What is your experience?

Do you run a web application penetration test when publishing a new web app or a new feature?

If not, why not include application security in your daily workflow? Tell me.

Written by Paolo Perego on 2013-04-19 11:29:00

Source Feed: armoredcode.com – the application security blog that gets the job done