Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Top Links You Must Click On


Awareness There, Policies Lacking: Results of a New SANS Survey on Application Security Policies in Enterprises

BETHESDA, Md., Dec. 5, 2012 /PRNewswire-USNewswire/ -- SANS Institute, a trusted and pervasive source of information security training, announces the results of its first Survey on Application Security Policies in Enterprises.

Sponsored by NT OBJECTives, Qualys, WhiteHat Security and Veracode, the survey reveals that awareness of risk is high across most organizations and that some form of policies are in place among 66% of the survey's nearly 700 respondents.

"This indicates that application security has grown out of its infancy and is becoming incorporated into policy," says SANS Analyst executive editor, Deb Radcliff. "The flip side is that there is that only two percent of survey takers have comprehensive, cradle-to-grave management of their applications."

The survey shows that organizations are managing multiple applications, yet 28% of respondents can't determine what applications are under their management.

Policies also vary for organizations that develop their own applications versus those managing commercial applications: Only 23% comprehensively manage development and lifecycle of applications they develop, and only 33% conduct extensive review of commercial applications prior to putting them into production.

Things get hazier when the discussion moves to outsourced or cloud applications, with only 22% relying on extensive testing and validation prior to production.

"Too many organizations are relying on their service providers and software vendors to 'do the right thing' when it comes to application security. This isn't enough," says SANS analyst Jim Bird, who coauthored the report. "They have to start taking more responsibility for securing their own software supply chains—especially bigger organizations with enough buying power to force real change on supplier behavior and accountability."

With regard to responsibility for application security, the survey allowed multiple responses. While most respondents put their C-level and managerial level IT and security professionals in charge of application security (83%) and 35% indicate that their development group is responsible. Another 33% said their risk and compliance managers were responsible. This is not surprising, given that, in another question, more than 40% of respondents selected compliance their top driver for their application security programs.

"Compliance has been a key driver to bring application security to a minimum initial baseline in many organizations," says SANS instructor Frank Kim, who also co-authored the survey report. "Mature processes coupled with skilled application security practitioners will be required to really expand the state of the art."

For full results of the survey, attend a special SANS webcast held at 1 PM EST on December 13. To register for that webcast, follow this link:

www.sans.org/webcasts/survey-application-security-policies-enterprises-95622    

The full report will be released at that time in the SANS Reading Room at www.sans.org/reading_room/analysts_program.

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and by far the largest source for information security training and security certification in the world. In addition to world-class training, SANS offers certification via the ANSI accredited GIAC security certification program. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, newsletters, and it operates the Internet's early warning system—the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. (www.sans.org)

SOURCE SANS Institute

About PR Newswire
Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Enterprise Open Source Magazine Latest Stories . . .
We often get asked “Should I use GridFS for file storage with MongoDB”. As with most things, the answer is a staunch “it depends”. GridFS looks like a great idea on paper - a virtual filesystem held within MongoDB which allows for larger than 16MB files to be held, synced and replicat...
The supply chain is evolving, and buyers need to analyze and predict, but also to manage risk. When Capgemini's business information management (BIM) practices unit needed to provide big data capabilities to its insurance company customers, it needed to deliver the right information t...
Some people believe good or bad things always happen in threes. I believe you will always be able to find three (and probably more) things that are good or bad and somewhat related, but sometimes I get surprised by the apparent coincidental appearance of several closely related “things...
This article defines long polling and presents a few techniques on how long polling could be used in Spring MVC web applications. Discussion covers both the AJAX and the server part of the solution as well as outlines a few possible options for implementation. The article compares perf...
Red Hat, Inc., on Wednesday announced that it has signed a definitive agreement to acquire eNovance, a provider of open source cloud computing services. Combined with Red Hat’s existing leadership in OpenStack, the addition of eNovance’s systems integration capabilities and engineering...
Hear from Red Hat leaders and industry experts on Tuesday, June 10, 2014, at 11am and see how Red Hat Enterprise Linux continues to deliver unmatched customer value, increased efficiency, and true strategic advantage for global customers across every industry. Attendees will learn mor...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE