What’s a good workflow for securing a web app before launch? – Digitalmunition


This topic contains 1 reply, has 2 voices, and was last updated by  InfosecMod 1 month ago.

  • #281542


    I develop most of my customer-facing stuff on a LAMP stack, and wrap it up with an external Acunetix scan. Are there any other recommended tools specific to this tech? I tried searching around, particularly for PHP code analysis, but I’m coming up empty-handed. Any advice would be greatly appreciated.

  • #281543


    You’ll probably get a better response in /r/asknetsec if you can formulate a clear and specific question. This subreddit is more focused on breaching than securing.

  • #281544


    Security should be part of the entire development process, from the initial planning to maintaining after release. It’s hard to fix something if there is a security flaw in your application’s architecture. Security is not something you can slap on afterwards. It happens often that developers try to secure their applications afterwards by throwing cryptography at it, but that doesn’t help. It’s not the developers’ fault though, they are pressured into making progress implementing feature after feature. And to management, security doesn’t look like a feature, it’s no visible progress.

    Sorry for the non-specific answer.
