# Chapter two: The Evolution of Application Security Application security as many of us know it right now didn't always exist as an elegant practice. In typically the early decades of computing, security worries centered more on physical access plus mainframe timesharing adjustments than on computer code vulnerabilities. To appreciate contemporary application security, it's helpful to track its evolution from the earliest software episodes to the superior threats of today. This historical quest shows how each era's challenges molded the defenses and best practices we have now consider standard. ## The Early Days – Before Malware Almost 50 years ago and 70s, computers were large, isolated systems. Safety measures largely meant controlling who could enter in the computer room or utilize airport. Software itself seemed to be assumed to be reliable if written by respected vendors or teachers. The idea regarding malicious code has been more or less science fictional works – until a few visionary studies proved otherwise. Throughout 1971, an investigator named Bob Thomas created what is usually often considered the first computer worm, called Creeper. Creeper was not harmful; it was a self-replicating program of which traveled between networked computers (on ARPANET) and displayed some sort of cheeky message: "I AM THE CREEPER: CATCH ME IN THE EVENT THAT YOU CAN. " This experiment, as well as the "Reaper" program devised to delete Creeper, demonstrated that computer code could move in its own around systems CCOE. DSCI. IN CCOE. DSCI. IN . It had been a glimpse involving things to appear – showing that networks introduced innovative security risks further than just physical robbery or espionage. ## The Rise associated with Worms and Malware The late nineteen eighties brought the 1st real security wake-up calls. 23 years ago, the particular Morris Worm had been unleashed on the early on Internet, becoming the first widely recognized denial-of-service attack upon global netw