Revision as of 15:43, 26 August 2008 by Rahimjina (Talk | contribs)

Jump to: navigation, search

Secure application deployment

Outside of the actual code to review one must examine if the deployment of a web application is within a secure environment. Having secure code but the environment upon which the code resides is a lost cause. Accessing resources directly must be controlled within the environment;

Areas such as configuration files, directories, & resources which need authorisation need to be secured on the host such that direct access to such artifacts is disallowed.