# Chapter two: The Evolution of Application Security Software security as we know it right now didn't always are present as an official practice. In the early decades involving computing, security concerns centered more about physical access and mainframe timesharing controls than on signal vulnerabilities. To understand modern application security, it's helpful to find its evolution in the earliest software assaults to the superior threats of right now. This historical journey shows how each era's challenges formed the defenses in addition to best practices we have now consider standard. ## The Early Days – Before Spyware and adware Almost 50 years ago and seventies, computers were big, isolated systems. Protection largely meant controlling who could enter in the computer room or make use of the terminal. Software itself was assumed to be reliable if written by reliable vendors or academics. The idea regarding malicious code was more or less science fiction – until the few visionary experiments proved otherwise. Inside 1971, a specialist named Bob Jones created what is definitely often considered typically the first computer worm, called Creeper. Creeper was not harmful; it was a new self-replicating program that will traveled between network computers (on ARPANET) and displayed some sort of cheeky message: "I AM THE CREEPER: CATCH ME WHEN YOU CAN. " This experiment, and the "Reaper" program created to delete Creeper, demonstrated that signal could move upon its own throughout systems CCOE. DSCI. IN CCOE. DSCI. IN . It had been a glimpse associated with things to are available – showing that networks introduced fresh security risks beyond just physical theft or espionage. ## The Rise regarding Worms and Malware The late eighties brought the initial real security wake-up calls. 23 years ago, the particular Morris Worm seemed to be unleashed around the early on Internet, becoming the particular first widely identified denial-of-service attack about global networks. D