
Application Software Security

CIS Control 18


Manage the security lifecycle of all in-house developed and acquired software in order to prevent, detect and correct security weaknesses.

Why is this Critical?


Attackers go after the most easily exploitable targets, and these often include web-based and other application software. They can use exploits such as buffer overflows, SQL injection, cross-site scripting, and click-jacking to gain control over vulnerable machines.

This CIS Control focuses on preventing, detecting, and correcting security weaknesses in applications, such as coding mistakes, logic errors, and outdated software versions. Organizations can keep application vulnerabilities from being exploited by securing applications with software updates, patch management, and firewall deployments, by establishing secure coding practices, and by applying static and dynamic analysis tools to verify that internally developed software adheres to those practices.
