Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
    • Physical security measures
    • Personnel security measures
    • Electronic security measures
      • Defending against electronic attacks
      • Information sharing concept
      • Processes
      • Networks
      • SCADA
      • Operating systems
      • Applications
      • Disposal of sensitive information
  • Products and services
  • Research
Home > Protecting your assets > Electronic security measures > Applications

Applications

Applications are pieces of software performing specific tasks. It is essential to understand that they do not exist in a vacuum and their security must be considered in the environment they inhabit. There are two considerations of application security: internal security, if the application fails, does it do so in a safe manner; and the relationship with the computer it operates on, does it require excessive privileges?

Security professionals should ask 'Is the application required on the system?' and 'Has the application been configured securely?'

Links to:

Securing web applications

Technical Note 03/02: Guidance on securing web sites

Technical Note 01/03: Understanding database security

Technical Note 05/03: Configuration and use of web browsers

Technical Note 06/03: Guidance on securing web sites

Technical Note 09/04: Guidance on mitigating the security risks of SQL injection attack

16/07/2007
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |