Record Detail Back
Expert Oracle Application Express Security
- Share to:
Application security is on the forefront of everyone’s minds these days. It’s almost impossible to go more than a couple of days without reading about another website organization that was hacked or had a data breach. Unfortunately, it seems as if the problem is getting worse with time, not better. This can be attributed directly to the fact that there are simply more people using computers, iPhones and the like today, thus increasing the number of attack vectors for the bad guys. There is a simple answer for this: severely limit access to information systems. This is, of course, not the best answer, but it clearly would mitigate the problem down to a manageable chunk. Unfortunately, users will always need access to data, and as developers, the responsibility of delivering this task in a secure fashion falls squarely on our shoulders. Therefore, developers need to build applications that are much more secure today than in the past. But given the workload of the average developer (read: overworked), securing applications is often done hastily right before turning over code to production, if ever at all. As a result of this, more insecure applications are put into production, which leads to more breaches and data leaks. To compound the problem, developers coming from older client server technologies often don’t have the background in web development to even understand what secure is and what it is not. The concept of an end-user being able to manipulate where they go via the URL or view the source code of a page is completely foreign to them. Their lack of knowledge often leads them down the path of building web applications that are simply not secure, as they simply don’t know what secure looks like. As more business turn to the web and mobile technologies to enable their customers and employees to access information, more applications that represent potential security vulnerabilities are created, thus giving hackers and even malicious users more places to attack. Oracle APEX is not unique, in that like any other web technology, applications can be developed with it in either a secure or not-so-secure manner.
Scott Spendolini - Personal Name
978-1-4302-4732-6
NONE
Information Technology
English
2013
1-286
LOADING LIST...
LOADING LIST...