A few years ago I brought my car in for service at the dealership. While I was there, the service advisor told me that there was an outstanding recall on the car. It was discovered that the lock mechanism was easily defeated using a flathead screwdriver, making the car an easy target for thieves. As the car owner, nobody bothered to let me know that there was a recall on the car until I got to the dealership, but it seemed that the word was out on the street a long time ago. Manufacturers are not obligated to let you know about recalls if the issue does not pertain to a safety issue.
We’ve seen a lot of activity in the news recently about how application security vulnerabilities that suddenly come to light can cause concern among corporate security groups and application owners alike. This issue isn’t confined to Java updates alone, as vulnerabilities are discovered almost as quickly as updates are released in some cases. There are plenty of application vulnerabilities that you are probably not aware of, which may effect the applications that you are running in your environment right now. The intelligence to know when vulnerabilities are detected and when fixes are released is already available to you. Using an alert system that quickly makes you aware of potential application security issues should be a part of your day-to-day operational tasks. That way, at least you are aware of these issues, even if you choose not to do anything about it. After all, knowing is half the battle.
AppRx offers security alerts as part of ongoing portfolio management. If you’re interested in learning more about the security alerting feature book a demo http://futurestateit.com/demo/
Original post appeared on: http://futurestateit.com/2013/04/30/are-you-aware-of-your-application-security-vulnerabilities/
Great discussion on app security in AR&PM Linkedin Group http://www.linkedin.com/groups?gid=4620272&trk=hb_side_g