The Secure Software Development Lifecycle
By Elfriede Dustin


The Secure Software Development Lifecycle - 'Deploying Apps Securely' (Page 6 of 7)

Deploying Applications Securely

The process of deploying and maintaining the application securely should occur at the end of the lifecycle. Of course, designing the application so that it can be deployed securely needs to start at the beginning. Secure deployment means that the software is installed with secure defaults. File permissions are set appropriately, and the secure settings of the application's configuration are used.


Additionally, the secure deployment has to be monitored constantly, and vulnerabilities have to be managed.
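
As an added illustration (not code from the original article), the following post-deployment check flags the kind of weak file permissions described above. It assumes a POSIX file system; the list of sensitive suffixes and the sample directory layout are constructed for the example.

```python
import os
import stat
import tempfile

# Assumption: suffixes of files that hold secrets or security settings.
SENSITIVE_SUFFIXES = (".conf", ".ini", ".env", ".key", ".pem")

def audit_tree(root):
    """Return sorted (relative_path, finding) pairs for risky modes under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            rel = os.path.relpath(path, root)
            mode = stat.S_IMODE(st.st_mode)
            is_dir = stat.S_ISDIR(st.st_mode)
            # A sticky world-writable directory (like /tmp) is a deliberate setup.
            if mode & stat.S_IWOTH and not (is_dir and mode & stat.S_ISVTX):
                findings.append((rel, "world-writable"))
            if not is_dir and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((rel, "setuid/setgid"))
            beyond_owner = mode & (stat.S_IRWXG | stat.S_IRWXO)
            if not is_dir and name.endswith(SENSITIVE_SUFFIXES) and beyond_owner:
                findings.append((rel, "sensitive file accessible beyond owner"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample deployment: two acceptable files and two weak ones."""
    layout = {
        "bin/app": 0o755,
        "etc/app.conf": 0o644,   # weak: settings readable by every local user
        "etc/tls.key": 0o600,    # hardened: owner only
        "logs/app.log": 0o666,   # weak: any local user can rewrite the log
    }
    for rel, mode in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        os.chmod(os.path.dirname(path), 0o755)  # fixed mode, independent of umask
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, finding in audit_tree(build_sample(tmp)):
            print(f"{finding}: {rel}")
```

Running a check like this as a gate in the installer or release pipeline turns "secure defaults" into something that is verified on every deployment.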

Patch Management: Managing Vulnerabilities

After you develop the software using the SSDL, it is important to put a patch management process in place to allow for managing vulnerabilities.

Tracking and prioritizing internally and externally identified vulnerabilities, out-of-cycle source code auditing, and penetration testing when a number of external vulnerabilities are identified in a component are important parts of maintaining a secure application environment.

Many analysts throughout the world are hard at work keeping people notified of any emerging threat. One service that gathers this type of information and alerts users accordingly is Symantec's DeepSight Threat Management System. It helps security professionals get the security intelligence they need to do their job and protect their infrastructure efficiently.

To accomplish this objective, DeepSight and other services maintain comprehensive databases of vulnerabilities, malicious code, security risks, exposures, malicious IP addresses, and other relevant information. Correlation engines map targeted ports to events and continuously examine data streams from IDS and firewall sensors, antivirus submissions, and previously unidentified activity from proprietary honeypots placed throughout the world. The statistical analysis engine flags unusual and potentially threatening activity. Symantec's Analyst teams use all this information to develop and enhance the vulnerability, malicious code, security risk, and domain alerts. This information is also used to identify emerging threats for the advanced threat alerting of Symantec's DeepSight Threat Management System.

Whenever a user is alerted about a potential vulnerability, it is important to use various exploitability determination techniques, which allow the security professional to make an educated decision about whether a patch is required.



 
 