Application security is a growing concern for all businesses embracing a digital transformation, but in the financial sector, it is a top-level priority. With cyberattacks increasing in frequency and sophistication, financial institutions face the challenge of securing diverse portfolios of web and mobile applications that handle high volumes of transactions and sensitive data.
Organizations in the financial services industry go to great lengths to secure their applications, from adhering to industry standards and best practices to investing in penetration testing and web application firewalls. Despite these efforts, many AppSec initiatives fall short and fail to adequately secure business-critical applications.
So, what can be done to move the needle? The best answer today is to use a secure software development lifecycle (SDLC). Whether developing applications in-house, outsourcing development or purchasing applications from outside vendors, a financial institution must be able to ensure that secure development practices are being followed.
In this webcast, you will learn about the elements of a secure SDLC and why baking in proactive security controls early in the lifecycle is the best hedge against bugs that could be devastating if released into the wild. Attendees also will learn more about requirements and standards as well as best practices for financial services development 'and consequences for poor practices. '
Click here to be among the first to receive the associated whitepaper written by SANS expert Steve Kosten on this topic.