NTT Application Security’s newest paper was just released, outlining a new modern approach to AppSec – a layered approach. The post-pandemic economy has organizations continuing to accelerate their application security practices to meet the speed of their development – which has continued to release vulnerabilities into the very applications that fuel their successes.
Traditionally, security has been designated to a specific, isolated team in the final stages of development — a practice that is no longer viable alongside the broader adoption of Agile methodologies and development cycles. So, what is this new modern approach? In network security, the “layered approach” concept has become a widely accepted and successful strategy for reducing the risk of compromise. If a single layer is breached, there is yet another that can prevent compromise — also known as a “defense-in-depth” strategy.
In this paper, readers will discover how applying ‘defense in depth’ and implementing a layered approach to AppSec is the change organizations need in order to keep up with the modern requirements of the Agile development landscape and ensure web applications are responsibly built, delivered and tested.