
[News] Free Software More Secure Than Proprietary

  • Subject: [News] Free Software More Secure Than Proprietary
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Tue, 02 Mar 2010 08:47:23 +0000
  • Followup-to: comp.os.linux.advocacy
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/4.3.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

State Of Application Security: Nearly 60 Percent Of Apps Fail First Security Test 

,----[ Quote ]
| Around 58 percent of the applications 
| tested by application security testing 
| service provider Veracode in the past 
| year-and-a-half failed to achieve a 
| successful rating in their first round of 
| testing. "The degree of failure to meet 
| acceptable standards on first submission 
| is astounding -- and this is coming from 
| folks who care enough to submit their 
| software to our [application security 
| testing] services," says Roger Oberg, 
| senior vice president of marketing for 
| Veracode. "The implication here is that 
| more than half of all applications are 
| susceptible to the kinds of 
| vulnerabilities we saw at Heartland, 
| Google, DoD, and others -- these were all 
| application-layer attacks." 
| 
| [...]
| 
| Despite the relatively gloomy picture of 
| developers still missing the mark 
| initially on security, there were some 
| bright spots in the report: Open-source 
| software isn't as risky as you'd think, 
| and financial services organizations and 
| government agencies tend to have more 
| secure applications from the get-go; more 
| than half of their apps passed as 
| acceptable in the first submission to 
| testing, according to Veracode's report. 
`----

http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=223100875

If You Can't Beat Malware, Tunnel Through It

,----[ Quote ]
| Start-up Israeli security company Trusteer 
| claims to have hit on a different tactic 
| when it comes to combating financial 
| malware and making activities such as 
| online banking more secure.
| 
| Rather than trying to eliminate every 
| nasty from a user's desktop, the four 
| year-old company claims its Rapport 
| software establishes a secure link between 
| a customer's desktop and the bank's 
| systems, excluding any malware in the 
| process. The approach has been greeted 
| with enthusiasm by analysts with a recent 
| report from Frost and Sullivan neatly 
| distilling the problem and Trusteer's 
| response to it.
`----

http://www.eweekeurope.co.uk/interview/trusteer-you-cant-beat-malware-so-tunnel-through-it-5571


Recent:

DoD: Open-source software more secure

,----[ Quote ]
| Daniel Risacher, Associate Director of
| Enterprise Services and Integration at the
| DoD's Office of the Chief Information Officer,
| helped write a memo requiring all DoD agencies
| to evaluate open-source software on an equal
| basis with proprietary software. The reason is
| simple, according to Risacher: Software that
| goes through a process of peer review tends to
| be more reliable and secure than software that
| has not had the same level of scrutiny.
`----

http://www.fiercegovernmentit.com/story/dod-open-source-software-more-secure/2009-11-09
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkuM0JsACgkQU4xAY3RXLo646QCfdcHwjhhlU5CVwg08b0gb+91H
+wkAoJ1fl51U7v0HCCFFwylLlF8zloFR
=kAdo
-----END PGP SIGNATURE-----
