Keselamatan aplikasi ialah amalan melindungi perisian daripada ancaman — membina dan menyelenggara aplikasi supaya ia tahan terhadap serangan, melindungi data, dan berkelakuan dengan selamat. Ia penting kerana pelanggaran keselamatan membawa akibat yang teruk: kecurian data, kerugian kewangan, dan kepercayaan yang terjejas.
Apa yang dilindungi oleh keselamatan aplikasi
App security = protecting software and its data from threats throughout the lifecycle:
→ secure CODING (avoid vulnerabilities like injection, XSS)
→ AUTHENTICATION (who are you?) and AUTHORIZATION (what can you do?)
→ protecting DATA (encryption in transit and at rest)
→ input VALIDATION, secure configuration, dependency security, etc.
→ "Security" is a quality of the whole system, not a single feature.
