By Mark Hachman
July 30, 2004


LAS VEGAS—Not enough CISOs understand the limits of application security or the tools to execute them, a panel of security experts said Thursday.

Too many customers are treating so-called "pen scans" as the latest buzzword, without knowing how to apply the results to improve their security, according to panelists at the Black Hat security briefings here. Meanwhile, corporations still aren't paying enough attention to application security in the design and rollout phases, leaving security analysts with little time to analyze the code before it is shipped to customers.


Story continues