Unit 2 Listen and Read:
Application security
Application security is the use of software, hardware, and procedural methods to protect applications from external threats. Actions taken to ensure application security are sometimes called countermeasures. The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Application security can be enhanced by rigorously defining enterprise assets, identifying what each application does with respect to these assets, creating a security profile for each application, identifying and prioritizing potential threats and documenting adverse events. Security measures built into applications and a sound application security routine minimize the likelihood that unauthorized code will be able to manipulate applications to access, steal, modify, or delete sensitive data. Other countermeasures include conventional firewalls, encryption/decryption programs, anti-virus programs, spyware detection/removal programs and biometric authentication systems. In this context, a threat is any potential or actual adverse event that can compromise the assets of an enterprise, including both malicious events, such as a denial-of-service (DoS) attack.