• United States




SANS seeks feedback on policy development

Sep 18, 20122 mins
ComplianceIT LeadershipIT Strategy

What policies has your security department created in recent years? SANS is seeking input on how you're protecting applications in your organization

SANS is looking for feedback about what policies are emerging among organizations with applications to protect.

From their press release today:

“SANS is conducting this survey to understand what applications and AppSec risks these companies see as most critical to their security, where they are investing in their AppSec programs, what tools they are using and what else they are doing to manage the AppSec challenge,” says survey co-author, Jim Bird.

New application vulnerabilities and attacks unfold everyday. Meanwhile, applications are hard to monitor, full of vulnerabilities and easy to manipulate. The data gathered in this survey can help shape the industry, according to SANS Analyst executive editor, Deb Radcliff.

“Web, database, mobile and cloud applications—they’re all proving to be stealthy entry points into what should be secure networks,” Radcliff notes. “So the question becomes, how can SANS help the community implement holistic policy that covers the lifecycle of applications and melt away silos between developers, business units and security teams?”

As with all surveys, SANS needs the help of the community to share their experiences.

The link to the survey is here:

Find examples of many security policies in CSO’s security tools, templates and policies library