Subject: Application Security
- How many external (internet) facing applications does your trust have? if not known please state this rather than estimate.
- How many internal applications does your trust have? If not know please state this rather than estimate.
- Are all applications protected by Web Application Firewalls?
- If yes to question 3, which vendors WAF’s are in use?
- How often do you commission application security penetration testing (note not the same as network pen testing)?
- Which company provides Application Security Testing to your trust?
- When was the last time your main patient facing website was penetration tested?
- When was the last time your patient record storing application was tested?
- What is the annual spend on both application security and cyber security in general.
|Please find information attached.
2018-689 – FOI Request – Application Security [106 kb] PDF