Not going to say that they are 'inherently' more secure. With Open source (for one atleast) it leaves a lot open to be viewed by attackers. This and they don't have the security pen testing that most people do, sure they get some reports but it doesn't mean everyone reports what they find for the simple fact of using it later.
Also, Apple cares not about the security of their product like Microsoft does nowadays. Apple has never had a huge hack, which does not mean it is secure, just because there is a limited number of users that lead to no one attempting to attack them for profit.
Nothing is secure.
IBM AppScan (AppScan or Enterprise) was developed by Watchfire and than acquired by IBM for the sole purpose of Web application security testing. When you bring in a group of security testers they usually use a tool to help them with the automated testing, but if you get this than you can have your developers do their own testing as well as have security consultants use the data to preform their own pen testing.
(Posted it under anonymous without thinking)
Slashdot Mirror
Not going to say that they are 'inherently' more secure. With Open source (for one atleast) it leaves a lot open to be viewed by attackers. This and they don't have the security pen testing that most people do, sure they get some reports but it doesn't mean everyone reports what they find for the simple fact of using it later. Also, Apple cares not about the security of their product like Microsoft does nowadays. Apple has never had a huge hack, which does not mean it is secure, just because there is a limited number of users that lead to no one attempting to attack them for profit. Nothing is secure.
IBM AppScan (AppScan or Enterprise) was developed by Watchfire and than acquired by IBM for the sole purpose of Web application security testing. When you bring in a group of security testers they usually use a tool to help them with the automated testing, but if you get this than you can have your developers do their own testing as well as have security consultants use the data to preform their own pen testing. (Posted it under anonymous without thinking)