Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Top Links You Must Click On


Awareness There, Policies Lacking: Results of a New SANS Survey on Application Security Policies in Enterprises

BETHESDA, Md., Dec. 5, 2012 /PRNewswire-USNewswire/ -- SANS Institute, a trusted and pervasive source of information security training, announces the results of its first Survey on Application Security Policies in Enterprises.

Sponsored by NT OBJECTives, Qualys, WhiteHat Security and Veracode, the survey reveals that awareness of risk is high across most organizations and that some form of policies are in place among 66% of the survey's nearly 700 respondents.

"This indicates that application security has grown out of its infancy and is becoming incorporated into policy," says SANS Analyst executive editor, Deb Radcliff. "The flip side is that there is that only two percent of survey takers have comprehensive, cradle-to-grave management of their applications."

The survey shows that organizations are managing multiple applications, yet 28% of respondents can't determine what applications are under their management.

Policies also vary for organizations that develop their own applications versus those managing commercial applications: Only 23% comprehensively manage development and lifecycle of applications they develop, and only 33% conduct extensive review of commercial applications prior to putting them into production.

Things get hazier when the discussion moves to outsourced or cloud applications, with only 22% relying on extensive testing and validation prior to production.

"Too many organizations are relying on their service providers and software vendors to 'do the right thing' when it comes to application security. This isn't enough," says SANS analyst Jim Bird, who coauthored the report. "They have to start taking more responsibility for securing their own software supply chains—especially bigger organizations with enough buying power to force real change on supplier behavior and accountability."

With regard to responsibility for application security, the survey allowed multiple responses. While most respondents put their C-level and managerial level IT and security professionals in charge of application security (83%) and 35% indicate that their development group is responsible. Another 33% said their risk and compliance managers were responsible. This is not surprising, given that, in another question, more than 40% of respondents selected compliance their top driver for their application security programs.

"Compliance has been a key driver to bring application security to a minimum initial baseline in many organizations," says SANS instructor Frank Kim, who also co-authored the survey report. "Mature processes coupled with skilled application security practitioners will be required to really expand the state of the art."

For full results of the survey, attend a special SANS webcast held at 1 PM EST on December 13. To register for that webcast, follow this link:

www.sans.org/webcasts/survey-application-security-policies-enterprises-95622    

The full report will be released at that time in the SANS Reading Room at www.sans.org/reading_room/analysts_program.

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and by far the largest source for information security training and security certification in the world. In addition to world-class training, SANS offers certification via the ANSI accredited GIAC security certification program. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, newsletters, and it operates the Internet's early warning system—the Internet Storm Center. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. (www.sans.org)

SOURCE SANS Institute

About PR Newswire
Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Enterprise Open Source Magazine Latest Stories . . .
DevOps Summit, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud ...
Containers are revolutionizing the way we deploy and maintain our infrastructures, but monitoring and troubleshooting in a containerized environment can still be painful and impractical. Understanding even basic resource usage is difficult – let alone tracking network connections or ma...
Manufacturing has widely adopted standardized and automated processes to create designs, build them, and maintain them through their life cycle. However, many modern manufacturing systems go beyond mechanized workflows to introduce empowered workers, flexible collaboration, and rapid i...
Leaving aside (most of) the deeper technical details of the situation, an interesting development occurred in the open source community this week. Under the auspices of The Linux Foundation, a new ‘neutral’ coding community emerged as a result of the coming together of the Node.js and...
IBM is delivering of enterprise class containers that make it easier for clients to deliver production applications across their hybrid environments. Containers give developers flexibility to build once and move applications without the need to rewrite or redeploy their code. IBM Con...
SYS-CON Events announced today that the "Second Containers & Microservices Conference" will take place November 3-5, 2015, at the Santa Clara Convention Center, Santa Clara, CA, and the “Third Containers & Microservices Conference” will take place June 7-9, 2016, at Javits Center in Ne...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE