As the information leakage caused by the weakness of application has increased, big business and banking agencies have made source code analysis to maximize online security.

According to a source of business circles, baking agencies such as Hana Bank (HB), Korea Exchange Bank(KEB), and Kookmin Bank (KB), and big business such as KT, SKT, and Samsung Electronics have established a solution to improve security through source code analysis.

Information security investment, which put into network infrastructures, has turned its direction to the stage of application development at which fundamental problems could be solved in advance. This approach is much more 'preventive' than 'prescriptive' by which a patch is provided when a defect is found.

Moon Sung-Joon, the director of Interbizen Technology, said, "Now, the general trend is to develop resistant power of application itself. The age in which information was secured by building ‘firewall’ has gone."

Gartner's survey saying that over 70% of security weakness takes place in application, not in networks, supports Mr. Moon's point.

Banking agencies pay attentions to security on web
Among various weakness of security, the most problematic one has been found in the field of web application. According to 'Common Weakness Enumeration (CWE)' project conducted by 'MITER' last year, the rate of web application-related-security weakness has rapidly increased.

MITER explained, "This result is due to the facts that it is relatively easy to attack/detect web weakness and that, from the beginning stage of development, security-lacked programs are used."

Banking agencies have been all attention to watch the development of this problem. With customers moving from the offline window to the online web, there have been ceaseless accidents of online financial transaction frauds. HB, KEB, and KB have taken source code security solution as the basic tool to prevent these accidents by developing programs.

According to the person concerned, "Building source code security system will be expanded to communications and online shopping malls, which manage their customers through web application, as well as banking agencies."

DRM companies provide source code security as well
'Fortify Software' and 'Ounce Labs' cut in two the world market for source code security solution. But, only 'Fortify' has done business in Korea.

According to Oh Se-Kwan, the president of Interbizen Technology, which provides programs made by 'Fortify', "It is difficult to grasp all end users from the beginning stage of application. This difficulty is likely to block the entrance of other competitors into the market."

In a slightly different way, however, domestic software documentation security companies have provided source code security solution. Though this started with the application of source code security to DRM, it has become involved in 'analysis of weakness' as well as 'file security'

A staff of Fasoo.com, a DRM company, said, "Not only do we support the development of application, but also we develop document security know-how in order to create demand."