This IDC PlanScape discusses IDC's application security framework to secure the software development environment and life cycle.According to Gerald Johnston, adjunct research advisor for IDC's IT Executive Programs (IEP), "Application security is not just an IT concern; it's a business imperative. Developer environments and privileged access are the new keys to the kingdom and must be protected with the same rigor as customer data or financial assets."
IDC PlanScape Figure
Executive Summary
Why Is an Application Security Framework Important?
What Is an Application Security Framework?
Secure the Design
Secure the Code
Harden the Development Environment
Manage Vulnerabilities Across the Life Cycle
Who Are the Key Stakeholders?
How Can My Organization Take Advantage of an Application Security Framework?
Secure the Design
Define and Communicate Secure Development Policies
Integrate Security Requirements into Planning
Secure the Code
Equip Development Teams with Approved Tools and Reusable Patterns
Embed Security into the CI/CD Pipelines
Reinforce Secure Coding Discipline
Harden the Development Environment
Operationalize Vulnerability Management
Create and Track Risks and Vulnerabilities as Part of the Life-Cyle Process
