»ùÇà ¿äû ¸ñ·Ï

 Ä«Æ® ¹®ÀÇ
½ÃÀ庸°í¼­
»óÇ°ÄÚµå
1811719

IDC PlanScape : ¼ÒÇÁÆ®¿þ¾î °³¹ß ȯ°æ°ú ¼ö¸íÁֱ⸦ º¸È£ÇÏ´Â ¾ÖÇø®ÄÉÀÌ¼Ç º¸¾È ÇÁ·¹ÀÓ¿öÅ©

IDC PlanScape: An Application Security Framework to Secure the Software Development Environment and Life Cycle
¹ßÇàÀÏ: | ¸®¼­Ä¡»ç: IDC | ÆäÀÌÁö Á¤º¸: ¿µ¹® 18 Pages | ¹è¼Û¾È³» : Áï½Ã¹è¼Û

    
    
    



¡Ø º» »óÇ°Àº ¿µ¹® ÀÚ·á·Î Çѱ۰ú ¿µ¹® ¸ñÂ÷¿¡ ºÒÀÏÄ¡ÇÏ´Â ³»¿ëÀÌ ÀÖÀ» °æ¿ì ¿µ¹®À» ¿ì¼±ÇÕ´Ï´Ù. Á¤È®ÇÑ °ËÅ並 À§ÇØ ¿µ¹® ¸ñÂ÷¸¦ Âü°íÇØÁֽñ⠹ٶø´Ï´Ù.

À̹ø IDC PlanScape¿¡¼­´Â ¼ÒÇÁÆ®¿þ¾î °³¹ß ȯ°æ ¹× ¶óÀÌÇÁ»çÀÌŬÀ» º¸È£Çϱâ À§ÇÑ IDCÀÇ ¾ÖÇø®ÄÉÀÌ¼Ç º¸¾È ÇÁ·¹ÀÓ¿öÅ©¸¦ ´Ù·ì´Ï´Ù. IDC IT °æ¿µÀÚ ÇÁ·Î±×·¥(IEP)ÀÇ °âÀÓ ¿¬±¸ °í¹®ÀÎ Á¦·²µå Á¸½ºÅÏÀº "¾ÖÇø®ÄÉÀÌ¼Ç º¸¾ÈÀº ´Ü¼øÇÑ IT ¹®Á¦°¡ ¾Æ´Õ´Ï´Ù. ÀÌ´Â ºñÁî´Ï½ºÀÇ Çʼö ¿ä¼ÒÀÔ´Ï´Ù. °³¹ßÀÚ È¯°æ°ú Ư±Ç Á¢±Ù ±ÇÇÑÀº »õ·Î¿î ¿Õ±¹ÀÇ ¿­¼èÀ̸ç, °í°´ µ¥ÀÌÅͳª ±ÝÀ¶ ÀÚ»ê°ú µ¿ÀÏÇÑ ¼öÁØÀÇ ¾ö°ÝÇÔÀ¸·Î º¸È£µÇ¾î¾ß ÇÕ´Ï´Ù."¶ó°í ¸»Çß½À´Ï´Ù.

ÁÖ¿ä ¿ä¾à

¾ÖÇø®ÄÉÀÌ¼Ç º¸¾È ÇÁ·¹ÀÓ¿öÅ©°¡ Áß¿äÇÑ ÀÌÀ¯

¾ÖÇø®ÄÉÀÌ¼Ç º¸¾È ÇÁ·¹ÀÓ¿öÅ©¶õ ¹«¾ùÀΰ¡?

  • ¼³°è ¾ÈÀü¼º
  • ÄÚµå º¸È£
  • °³¹ß ȯ°æÀ» °­È­
  • ¼ö¸íÁÖ±â Àüü¿¡ °ÉÄ£ Ãë¾à¼º °ü¸®

ÁÖ¿ä ÀÌÇØ°ü°èÀÚ´Â ´©±¸Àΰ¡?

Á¶Á÷Àº ¾ÖÇø®ÄÉÀÌ¼Ç º¸¾È ÇÁ·¹ÀÓ¿öÅ©¸¦ ¾î¶»°Ô È°¿ëÇÒ ¼ö Àִ°¡?

  • ¼³°è ¾ÈÀü¼º
    • ¾ÈÀüÇÑ °³¹ß Æú¸®½ÃÀÇ Á¤ÀÇ¿Í Àü´Þ
    • º¸¾È ¿ä°ÇÀ» °èȹ¿¡ ÅëÇÕ
  • ÄÚµå º¸È£
    • °³¹ß ÆÀ¿¡ ½ÂÀÎµÈ µµ±¸¿Í Àç»ç¿ë °¡´ÉÇÑ ÆÐÅÏÀ» Á¦°ø
    • CI/CD ÆÄÀÌÇÁ¶óÀο¡ º¸¾ÈÀ» ³»ÀçÈ­
    • ¾ÈÀüÇÑ ÄÚµù ±ÔÀ² °­È­
  • °³¹ß ȯ°æÀ» °­È­
  • Ãë¾à¼º °ü¸® ¿î¿µ
    • ¶óÀÌÇÁ»çÀÌŬ ÇÁ·Î¼¼½ºÀÇ ÀÏȯÀ¸·Î À§Çè ¹× Ãë¾àÁ¡ »ý¼º ¹× ÃßÀû
    • Á¤º¸ ¼öÁý
    • °æ¿µÁø¿¡°Ô À§Çè °¡½ÃÈ­

±â¼ú ±¸¸ÅÀÚ¸¦ À§ÇÑ ¾îµå¹ÙÀ̽º

  • Àü·«Àû
  • Àü¼úÀû

°ü·Ã Á¶»ç

LSH

This IDC PlanScape discusses IDC's application security framework to secure the software development environment and life cycle.According to Gerald Johnston, adjunct research advisor for IDC's IT Executive Programs (IEP), "Application security is not just an IT concern; it's a business imperative. Developer environments and privileged access are the new keys to the kingdom and must be protected with the same rigor as customer data or financial assets."

IDC PlanScape Figure

Executive Summary

Why Is an Application Security Framework Important?

What Is an Application Security Framework?

  • Secure the Design
  • Secure the Code
  • Harden the Development Environment
  • Manage Vulnerabilities Across the Life Cycle

Who Are the Key Stakeholders?

How Can My Organization Take Advantage of an Application Security Framework?

  • Secure the Design
    • Define and Communicate Secure Development Policies
    • Integrate Security Requirements into Planning
  • Secure the Code
    • Equip Development Teams with Approved Tools and Reusable Patterns
    • Embed Security into the CI/CD Pipelines
    • Reinforce Secure Coding Discipline
  • Harden the Development Environment
  • Operationalize Vulnerability Management
    • Create and Track Risks and Vulnerabilities as Part of the Life-Cyle Process
    • Gather Intelligence
    • Make Risk Visible to Leadership

Advice for Technology Buyers

  • Strategic
  • Tactical

Related Research

»ùÇà ¿äû ¸ñ·Ï
0 °ÇÀÇ »óÇ°À» ¼±Åà Áß
¸ñ·Ï º¸±â
Àüü»èÁ¦