Identify – As developers we usually have a good understanding of what comprises the software we are using and the supply chain that built it. This matters because breaches can occur at any point of distribution.
Assess – Look at any dependencies of that software and at the supply chain itself. Many automated tools can help us do this more quickly and easily.
Mitigate – Once we’ve gathered information on the risks, we define the mitigation tactics to eliminate the critical vulnerabilities and minimize our client’s risks.
Prevent – The final step here is to put the right tools and processes in place to help minimize risks and threats in the future. These preventative steps can range from extra training and communication for team members to automated cyber security tools that scan your code, development pipelines, and deployment environments.
“These young men are saying I need a padlock for my website to keep thieves out. They say it even has a key.” – Mrs B Greenend
How to protect yourself and your web applications?
Implement multi-factor authentication on your accounts to make it significantly more difficult, and so less likely, for you to get hacked. For instance, most banks have implemented a verification code sent to your mobile phone to check it is really you.
Update your software. In fact, turn on automatic updates, because manufacturers usually release updates to cover the rattling locks.
Think before you click. More than 90% of successful cyber-attacks start with a phishing email. Most of the known culprits use an attachment, so avoid opening attachments from emails you don’t recognise.
Use strong passwords, and ideally a password manager to generate and store unique passwords. There are so many password managers in this era to help you create and securely store your passwords.