{"id":3562,"date":"2013-03-22T15:01:54","date_gmt":"2013-03-22T14:01:54","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=3562"},"modified":"2019-12-23T11:45:47","modified_gmt":"2019-12-23T10:45:47","slug":"secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/","title":{"rendered":"SecApp : la s\u00e9curit\u00e9 de votre SI passera par la s\u00e9curit\u00e9 applicative !"},"content":{"rendered":"<div>\n<p>La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes\u00a0: 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.<\/p>\n<p>Les initiatives de s\u00e9curisation se multiplient mais montrent rapidement leurs limites du fait de cette distance et des incompr\u00e9hensions qui en d\u00e9coulent.<\/p>\n<p>Quelle structure organisationnelle permettrait de r\u00e9pondre \u00e0 ces besoins ? Quels seront ses enjeux et objectifs ? Comment la mettre en place ?<\/p>\n<h2>Des menaces clairement applicatives<\/h2>\n<p>Ces derni\u00e8res ann\u00e9es ont vu une recrudescence des attaques sur les applications, avec des impacts importants. C\u2019est par exemple une injection SQL qui a eu raison des d\u00e9fenses de Sony et entra\u00een\u00e9 le vol des donn\u00e9es de 100 millions de joueurs. Chez Citibank, ce sont 360 000 donn\u00e9es clients qui ont \u00e9t\u00e9 vol\u00e9es par une simple modification d\u2019URL, entra\u00eenant une perte de 2,7 millions d\u2019euros.<\/p>\n<p>Le constat semble sans appel : les entreprises ont besoin de s\u00e9curit\u00e9 applicative. Elles ne sont cependant manifestement pas encore mures sur le sujet. \u00c0 titre d\u2019illustration, 100% des applications audit\u00e9es par Solucom sur l\u2019ann\u00e9e 2011\/12 pr\u00e9sentent au moins une faille de s\u00e9curit\u00e9 : 82% sont vuln\u00e9rables au cross-site scripting (XSS), 72% au cross-site request forgery (CSRF) et 31% \u00e0 l\u2019injection SQL. Ces attaques applicatives sont pourtant bien connues\u2026<\/p>\n<h2>Des efforts encore peu concluants<\/h2>\n<p>Une majorit\u00e9 des grandes entreprises r\u00e9alise d\u00e9j\u00e0 des actions li\u00e9es \u00e0 la s\u00e9curit\u00e9 applicative.<\/p>\n<p>Depuis des ann\u00e9es d\u00e9j\u00e0, le RSSI tente de capter les projets applicatifs et d\u00e9finir leurs besoins de s\u00e9curit\u00e9. Cependant, il se trouve constamment confront\u00e9 \u00e0 une multitude d\u2019acteurs, chefs de projet ou d\u00e9veloppeurs sans cesse renouvel\u00e9s. Par ailleurs, le manque d\u2019exp\u00e9rience et la multiplicit\u00e9 des besoins et des environnements techniques obligent souvent \u00e0 red\u00e9finir les m\u00e9canismes de s\u00e9curit\u00e9 pour chaque projet. De ce fait, les co\u00fbts li\u00e9s \u00e0 la s\u00e9curit\u00e9 sont \u00e9lev\u00e9s et difficiles \u00e0 garantir lors des cadrages de projets.<\/p>\n<p>La complexit\u00e9 de mise en \u0153uvre des solutions de s\u00e9curit\u00e9 s\u2019av\u00e8re difficilement compatible avec un time-to-market qui contraint les d\u00e9veloppeurs \u00e0 la consid\u00e9rer en dernier lieu \u2013 s\u2019il reste du temps.<\/p>\n<p>Sur le chemin menant \u00e0 la s\u00e9curisation compl\u00e8te du SI, la premi\u00e8re moiti\u00e9 du parcours s\u2019est faite lors des dix derni\u00e8res ann\u00e9es. Les RSSI ont cr\u00e9\u00e9 des relais de s\u00e9curit\u00e9 op\u00e9rationnelle et \u00e9tabli une relation de proximit\u00e9 et de confiance avec la Production. En outre, les connaissances sur la s\u00e9curit\u00e9 des infrastructures ont \u00e9t\u00e9 capitalis\u00e9es. Tous ces efforts et cette ma\u00eetrise du sujet ont permis d\u2019\u00eatre en mesure d\u2019anticiper et de r\u00e9agir rapidement aux diff\u00e9rents probl\u00e8mes de s\u00e9curit\u00e9 sur l\u2019infrastructure.<\/p>\n<p>Pour r\u00e9\u00e9quilibrer la s\u00e9curit\u00e9 de l\u2019information, pourquoi ne pas s\u2019inspirer de ce mod\u00e8le et cr\u00e9er un relai \u00ab\u00a0s\u00e9curit\u00e9 applicative \u00bb ?<\/p>\n<h2>Structurer les actions de s\u00e9curit\u00e9 applicative autour de la SecApp<\/h2>\n<p>La SecApp est une cellule transverse regroupant diff\u00e9rents sp\u00e9cialistes du domaine. Cette cellule, garante de la s\u00e9curit\u00e9 applicative, doit s\u2019approprier et structurer toutes les activit\u00e9s de s\u00e9curit\u00e9 applicative aujourd\u2019hui dispers\u00e9es dans l\u2019entreprise.<\/p>\n<p>La SecApp doit s\u2019interfacer avec toutes les entit\u00e9s (MOA, RSSI, Production\u2026). Ses objectifs sont de les guider dans la s\u00e9curisation des applications \u00e0 chaque \u00e9tape du projet ainsi que dans le maintien et l\u2019am\u00e9lioration de la s\u00e9curit\u00e9 de l\u2019application dans le temps. \u00c0 plus long terme, la SecApp a aussi pour but de simplifier la s\u00e9curit\u00e9 applicative et de rendre autonomes les diff\u00e9rents acteurs.<\/p>\n<p>Ces nouveaux liens que partagera la SecApp avec les diff\u00e9rents acteurs devront \u00eatre \u00e9troits. Alors qu\u2019elle travaillera main dans la main avec le RSSI pour les questions de politique de s\u00e9curit\u00e9 applicative et de r\u00e9glementation sp\u00e9cifique, elle sensibilisera les \u00e9quipes \u00e9tudes et MOA pour capter l\u2019ensemble des projets applicatifs. De la m\u00eame mani\u00e8re, la cellule se rapprochera de la s\u00e9curit\u00e9 op\u00e9rationnelle pour coordonner, voire piloter, les diff\u00e9rents tests de vuln\u00e9rabilit\u00e9 et mises en production des applications.<\/p>\n<p>Sa constitution requiert de rassembler des profils diversifi\u00e9s mais en premier lieu issus du monde applicatif. Actuellement en effet, la non familiarit\u00e9 des \u00e9quipes avec le d\u00e9veloppement et la vie des projets constitue le principal obstacle rencontr\u00e9 par la s\u00e9curit\u00e9 applicative.<\/p>\n<p>Le rattachement de cette SecApp diff\u00e9rera selon le contexte et l\u2019organisation interne de chaque entreprise. Id\u00e9alement, nous recommandons un positionnement au sein d\u2019une structure d\u2019architectes transverses pilotant les architectes applicatifs, les urbanistes et les architectes techniques, qui assurent la mise en \u0153uvre des applications sur l\u2019infrastructure.<\/p>\n<h2>Des fonctions diff\u00e9rentes selon la maturit\u00e9 de la SecApp<\/h2>\n<p>Dans un premier temps, la SecApp r\u00e9alise. Dans cette phase, la cellule doit intervenir en support des diff\u00e9rents chefs de projet, dans le but de constater et comprendre les probl\u00e9matiques en jeu.<\/p>\n<p>Ensuite, la SecApp capitalise. Forte de ses exp\u00e9riences, elle va commencer \u00e0 formaliser et \u00e0 mettre \u00e0 profit ses acquis pour am\u00e9liorer l\u2019efficacit\u00e9 de la s\u00e9curit\u00e9 applicative. Le but sera de commencer \u00e0 former les op\u00e9rationnels et d\u2019\u00e9viter d\u2019avoir \u00e0 red\u00e9finir tous les aspects s\u00e9curit\u00e9 \u00e0 chaque projet.<\/p>\n<p>Enfin, la SecApp offre des services. Une fois ce degr\u00e9 de maturit\u00e9 atteint, elle devient capable d\u2019utiliser intelligemment l\u2019expertise et les bonnes pratiques capitalis\u00e9es durant les \u00e9tapes pr\u00e9c\u00e9dentes. La conception et le contr\u00f4le, jusqu\u2019alors th\u00e8mes de capitalisation de savoir, sont d\u00e9sormais d\u00e9clin\u00e9s en catalogues de services.<strong><\/strong><\/p>\n<p>L\u2019enjeu de la SecApp est la simplification de la s\u00e9curisation d\u2019une application dans le temps. Au fil de son \u00e9volution, elle apprendra \u00e0 faire, puis savoir faire, et enfin savoir faire faire. En particulier, les \u00e9quipes MOA et \u00c9tudes ne seront plus isol\u00e9es, et entretiendront des liens forts avec le RSSI et la Production. De ce fait, les diff\u00e9rentes \u00e9quipes en jeu seront autonomes, et la s\u00e9curit\u00e9 applicative fera partie int\u00e9grante de la culture de l\u2019entreprise.<\/p>\n<p>Pour en savoir plus sur le sujet, consultez notre <a href=\"http:\/\/solucom.fr\/Publications\/La-cellule-SecApp-enfin-un-levier-pour-garantir-le-succes-de-la-securite-applicative\" target=\"_blank\" rel=\"noopener noreferrer\">Focus sur la s\u00e9curit\u00e9 applicative.<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes\u00a0: 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives&#8230;.<\/p>\n","protected":false},"author":1269,"featured_media":3154,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3223,36],"tags":[],"coauthors":[2765],"class_list":["post-3562","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-next-gen-it-security","category-cybersecurity-digital-trust"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SecApp : la s\u00e9curit\u00e9 de votre SI passera pas la s\u00e9curit\u00e9 applicative ! - SolucomINSIGHT<\/title>\n<meta name=\"description\" content=\"La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes : 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SecApp : la s\u00e9curit\u00e9 de votre SI passera pas la s\u00e9curit\u00e9 applicative ! - SolucomINSIGHT\" \/>\n<meta property=\"og:description\" content=\"La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes : 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2013-03-22T14:01:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-23T10:45:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"848\" \/>\n\t<meta property=\"og:image:height\" content=\"566\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"zephSolucomBO\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"zephSolucomBO\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\"},\"author\":{\"name\":\"zephSolucomBO\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/61c2fe74fad6b31442e1706ccacf3421\"},\"headline\":\"SecApp : la s\u00e9curit\u00e9 de votre SI passera par la s\u00e9curit\u00e9 applicative !\",\"datePublished\":\"2013-03-22T14:01:54+00:00\",\"dateModified\":\"2019-12-23T10:45:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\"},\"wordCount\":1078,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg\",\"articleSection\":[\"Cloud &amp; Next-Gen IT Security\",\"Cybersecurity &amp; Digital Trust\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\",\"name\":\"SecApp : la s\u00e9curit\u00e9 de votre SI passera pas la s\u00e9curit\u00e9 applicative ! - SolucomINSIGHT\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg\",\"datePublished\":\"2013-03-22T14:01:54+00:00\",\"dateModified\":\"2019-12-23T10:45:47+00:00\",\"description\":\"La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes : 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg\",\"width\":848,\"height\":566},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SecApp : la s\u00e9curit\u00e9 de votre SI passera par la s\u00e9curit\u00e9 applicative !\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/61c2fe74fad6b31442e1706ccacf3421\",\"name\":\"zephSolucomBO\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/zephsolucombo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SecApp : la s\u00e9curit\u00e9 de votre SI passera pas la s\u00e9curit\u00e9 applicative ! - SolucomINSIGHT","description":"La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes : 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/","og_locale":"en_US","og_type":"article","og_title":"SecApp : la s\u00e9curit\u00e9 de votre SI passera pas la s\u00e9curit\u00e9 applicative ! - SolucomINSIGHT","og_description":"La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes : 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.","og_url":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/","og_site_name":"RiskInsight","article_published_time":"2013-03-22T14:01:54+00:00","article_modified_time":"2019-12-23T10:45:47+00:00","og_image":[{"width":848,"height":566,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg","type":"image\/jpeg"}],"author":"zephSolucomBO","twitter_misc":{"Written by":"zephSolucomBO","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/"},"author":{"name":"zephSolucomBO","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/61c2fe74fad6b31442e1706ccacf3421"},"headline":"SecApp : la s\u00e9curit\u00e9 de votre SI passera par la s\u00e9curit\u00e9 applicative !","datePublished":"2013-03-22T14:01:54+00:00","dateModified":"2019-12-23T10:45:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/"},"wordCount":1078,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg","articleSection":["Cloud &amp; Next-Gen IT Security","Cybersecurity &amp; Digital Trust"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/","url":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/","name":"SecApp : la s\u00e9curit\u00e9 de votre SI passera pas la s\u00e9curit\u00e9 applicative ! - SolucomINSIGHT","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg","datePublished":"2013-03-22T14:01:54+00:00","dateModified":"2019-12-23T10:45:47+00:00","description":"La s\u00e9curit\u00e9 applicative est au centre des nouvelles menaces et des intrusions r\u00e9centes : 75% des attaques ciblent directement les applications (source : Gartner). Souvent centr\u00e9es sur la protection des infrastructures, les \u00e9quipes s\u00e9curit\u00e9 sont souvent trop \u00e9loign\u00e9es des probl\u00e9matiques applicatives.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/02\/Fotolia_46003418_S.jpg","width":848,"height":566},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2013\/03\/secapp-la-securite-de-votre-si-passera-pas-la-securite-applicative\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"SecApp : la s\u00e9curit\u00e9 de votre SI passera par la s\u00e9curit\u00e9 applicative !"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/61c2fe74fad6b31442e1706ccacf3421","name":"zephSolucomBO","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/zephsolucombo\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/3562","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1269"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=3562"}],"version-history":[{"count":8,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/3562\/revisions"}],"predecessor-version":[{"id":12456,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/3562\/revisions\/12456"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/3154"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=3562"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=3562"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=3562"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=3562"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}