
[News] Free Software More Secure Than Proprietary

  • Subject: [News] Free Software More Secure Than Proprietary
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Tue, 02 Mar 2010 08:47:23 +0000
  • Followup-to: comp.os.linux.advocacy
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/4.3.1

State Of Application Security: Nearly 60 Percent Of Apps Fail First Security Test 

,----[ Quote ]
| Around 58 percent of the applications 
| tested by application security testing 
| service provider Veracode in the past 
| year-and-a-half failed to achieve a 
| successful rating in their first round of 
| testing. "The degree of failure to meet 
| acceptable standards on first submission 
| is astounding -- and this is coming from 
| folks who care enough to submit their 
| software to our [application security 
| testing] services," says Roger Oberg, 
| senior vice president of marketing for 
| Veracode. "The implication here is that 
| more than half of all applications are 
| susceptible to the kinds of 
| vulnerabilities we saw at Heartland, 
| Google, DoD, and others -- these were all 
| application-layer attacks." 
| [...]
| Despite the relatively gloomy picture of 
| developers still missing the mark 
| initially on security, there were some 
| bright spots in the report: Open-source 
| software isn't as risky as you'd think, 
| and financial services organizations and 
| government agencies tend to have more 
| secure applications from the get-go; more 
| than half of their apps passed as 
| acceptable in the first submission to 
| testing, according to Veracode's report. 


If You Can’t Beat Malware, Tunnel Through It

,----[ Quote ]
| Start-up Israeli security company Trusteer 
| claims to have hit on a different tactic 
| when it comes to combating financial 
| malware and making activities such as 
| online banking more secure.
| Rather than trying to eliminate every 
| nasty from a user’s desktop, the four 
| year-old company claims its Rapport 
| software establishes a secure link between 
| a customer’s desktop and the bank’s 
| systems, excluding any malware in the 
| process. The approach has been greeted 
| with enthusiasm by analysts with a recent 
| report from Frost and Sullivan neatly 
| distilling the problem and Trusteer’s 
| response to it.



DoD: Open-source software more secure

,----[ Quote ]
| Daniel Risacher, Associate Director of
| Enterprise Services and Integration at the
| DoD's Office of the Chief Information Officer,
| helped write a memo requiring all DoD agencies
| to evaluate open-source software on an equal
| basis with proprietary software. The reason is
| simple, according to Risacher: Software that
| goes through a process of peer review tends to
| be more reliable and secure than software that
| has not had the same level of scrutiny.
