Herndon, VA (PRWEB) March 9, 2009
Plynt's security researchers have released another book, this time by writing a Handbook on Security Testing of Banking Applications. The authors Arvind Doraiswamy, Sangita Pakala et. al. are part of Plynt's security testing and security research teams. This book is published by IT Governance and is available in a downloadable format here.
Attackers are increasingly focusing their attention on the application layer; visionary banks have responded by proactively testing their entire suite of applications. It is not enough any more to test only the public facing Internet banking application. The ease with which many attacks can be carried out now requires that all applications, including internal applications, be tested.
Security Testing Handbook for Banking Applications is a specialized guide to testing a wide range of banking applications. The book is intended as a companion to security professionals, software developers and QA professionals who work with banking applications. The book is a manual for compliance with current and future regulatory compliance requirements; it may also be seen simply as a practical and comprehensive guide to best practice application security to support every person involved in this field. The authors are all part of a large Application Security team at Plynt (Security Testing division of Paladion); between them they have tested over three hundred banking applications. Within this book the authors share their experiences of using a structured approach to security testing, look at the checklist used for testing, discuss different banking applications and see how these can be tested effectively. Security executives and personnel at Banks can download a sample banking application security test report from the site.
The Plynt website has additional resources Plynt has published for their banking clients. These include a series on Mobile Baknking security (mobile banking architecture, mobile banking security best practices) and a series on anti-phishing (Anti-Phishing Detection Techniques, Anti-Phishing Protection Techniques, Anti-Phishing incidence response).
Paladion (operating in the US and UK as Plynt) is a full service information security provider. Plynt is the security testing division which focuses on application penetration testing, security code reviews, vulnerability assessments and network audits and penetration tests. With a global footprint across 16 countries and actively managing security for over 300 customers, Plynt today is one of the largest security testing firms in the world. It has been ranked amongst the Top 500 Fastest Growing Technology Firm in Asia, three years in succession, by Deloitte. Plynt also was Red Herring 100 winner in 2008.
# # #