Evolution of Application Security

On December 28, 2016

Application Security has come over a long way from its origins to where it is now. The evolution of Application security and its history can be dated back to at least 1980s. From its rudimentary origins it grew parallel and in direct response to the various contemporary and emerging threats of the time frame. Although a comprehensive documentation on the History of Application security can be too lengthy and verbose for the purpose of this read. But it can be reliable divided into 3 distinct phases based on the distinct and unique nature and purpose of each :

  • Web Application Security
  • Mobile Application Security
  • Cloud Based Security
  • Blockchain & IoT

Usually it was first used for web based applications to protect & secure it. This was from a time when only web-based apps and sites were accessible and were predominantly used by the users. This was the most used platform for users and likewise faced many threats aimed on the web-based applications and sites. To prevent security issues from arising in the web aspect of things the security researchers and developers came with a universal standard for Web Security named OWASP Top 10. At that time it was assumed that this will solve all of the existing and future problems with the implementation of this standard for the Web Platform.

After the web era came the time of the mobile apps to take the center-stage for most concurrent user visits for an application and mobile apps. Mobile application and sites were more accessible and easy to use for the majority of the users and are so even at the present timeline. This posed a serious challenge for the Security analysts and researcher as this architecture was completely different from the web architecture. Mobile Security can be ensured with a variety of integration such as Tokenization and compliance wth standards such as the Mobile Application Security Verification Standard (MASVS) as well as OWASP for Mobile.

In the process of innovation market leaders came up with a new and revolutionary idea of Cloud Computing and storage. Under this system a user is freed of the burden of having a fixed hardware and storage at all times for its business instead it can easily use the Cloud Storage service for its data and information storage uses with the important advantage of flexibility in hardware scaling according to his present required needs. This needed a formation of a new unique Security standard called the CSA (Cloud Security Alliance) involving various leading and established security researchers.

Blockchain & IoT are the newest technologies that are trending in the cybersecurity domain and have a vast potential for a breakthrough in increasing the quality of life of the users. Presently it is very difficult for security researchers to find a reliable and universal standard for Blockchain & IoT. In fact IoT attacks are so prevalent, difficult to identify & have a hazardous scope that it is believed that cyberattacker exploited cybersecurity to bring down the NEW YORK Power grid.

Creating a Standard Application security standard for all of the platforms is going to be a continuous and long process as new technology emerge from the depths of human innovation & imagination.