Security expert Paul Ionescu addresses the basic issues, concerns, challenges, and solutions to making cloud and web applications secure. Learn the common vulnerabilities, trends in web attacks, and the key practices to build into the software development cycle.
To learn more about the threats, practices, and resources available to help you build secure applications, check out these resources:
- Web application security fundamentals: Use this knowledge path to learn the basics of web application security and the risks involved in running a website from development to deployment.
- Security in Development: The IBM Secure Engineering Framework: Examine secure engineering practices for software products and get a description of an end-to-end approach to product delivery, with security taken into account.
- OWASP: Free and open software security community: Resources on how to build, design, and test the security of web applications and web services
The General Manager of IBM Security Systems, Brendan Hannigan, speaks often on the topic of security, especially as it relates to web technologies. For more information on technology security from the enterprise perspective, watch Brendan's videos:
- Video: Discussing application security
- Video: Defining security intelligence
- Video: Defining advanced persistent threats; changes to the threat landscape
- Video: On security and compliance (Pulse 2012( [Transcript | Audio]
- IBM Security Solutions channel on YouTube
Also, try this expert advice:
- Audio: Paul Kaspian and Karl Snider on adopting an integrated approach to web application threats through scanning [Transcript]
- Podcast: IBM Director of Application Security Caleb Barlow on security topics
Finally, you can explore IBM's solution, IBM Security AppScan family, a market-leading portfolio of application security and risk management solutions for mobile and web applications.
resources on mobile security
resources on secure software development
products for application security
Paul Ionescu leads the secure engineering program for the IBM Security Systems division. He is also part of the AppScan Research and Development team. Since he joined IBM in 2007 he worked in several areas of the application security business including support, technical sales, technical enablement and development.
Robin Langford, developerWorks managing editor, divides her time between rich media production and IBM product trials. Before developerWorks, she wrote for, edited, and managed information for IBM software and hardware in development. Her degrees are in English from Auburn University in Auburn, AL, and Technical writing from Rensselaer Polytechnic Institute in Troy, NY.
Scott Laningham, host of developerWorks podcasts, was previously editor of developerWorks newsletters. Prior to IBM, he was an award-winning reporter and director for news programming featured on Public Radio International, a freelance writer for the American Communications Foundation and CBS Radio, and a songwriter/musician.
Kane Scarlett is a technology journalist/analyst with 20 years in the business, working for such publishers as National Geographic, Population Reference Bureau, Miller Freeman, and IDG, and managing, editing, and writing for such august journals as JavaWorld, LinuxWorld, and of course, developerWorks.