ABSTRACT

Introduction

This chapter covers two interrelated tactics: software security and incident response. The relationship between the two may not seem obvious at first, but consider this point: According to the Gartner Group, more than “75% of hacks [breaches] happen at the application.” The majority of attacks are aimed at applications; the majority of compromises are via application exploits. In other words, the majority of security incidents organizations are dealing with are related to applications. So from a security strategy standpoint, addressing this issue must be one of our principal objectives. The shift of attack focus from networks and systems to applications is based on two factors. First, attacking networks and hosts has become much harder; operating system security has improved considerably, and a plethora of security products is aimed at mitigating network and host attacks. The second factor is the huge increase in application targets. Millions of applications are running on the Internet that for all practical purposes are one hop away from the nearest attacker.