Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] Many Business Applications, Especially Proprietary, Expose Assets to Attacks

  • Subject: [News] Many Business Applications, Especially Proprietary, Expose Assets to Attacks
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Wed, 03 Mar 2010 17:31:29 +0000
  • Followup-to: comp.os.linux.advocacy
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/4.3.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Half of business apps open to security breaches 

,----[ Quote ]
| More than half the applications used by 
| enterprises contain vulnerabilities that could 
| be used to launch cyberattacks similar to 
| those suffered by Google earlier this year, 
| according to code-testing company Veracode.
| 
| That is one of the key findings of a report 
| published on Friday by Veracode, which 
| analysed thousands of applications and over 50 
| billion lines of code over the past few 
| months. The study looked at hundreds of 
| internally developed, open-source, outsourced 
| and commercial applications.
`----

http://news.zdnet.co.uk/security/0,1000000189,40064627,00.htm


Recent:

State Of Application Security: Nearly 60 Percent Of Apps Fail First Security Test

,----[ Quote ]
| Around 58 percent of the applications
| tested by application security testing
| service provider Veracode in the past
| year-and-a-half failed to achieve a
| successful rating in their first round of
| testing. "The degree of failure to meet
| acceptable standards on first submission
| is astounding -- and this is coming from
| folks who care enough to submit their
| software to our [application security
| testing] services," says Roger Oberg,
| senior vice president of marketing for
| Veracode. "The implication here is that
| more than half of all applications are
| susceptible to the kinds of
| vulnerabilities we saw at Heartland,
| Google, DoD, and others -- these were all
| application-layer attacks."
|
| [...]
|
| Despite the relatively gloomy picture of
| developers still missing the mark
| initially on security, there were some
| bright spots in the report: Open-source
| software isn't as risky as you'd think,
| and financial services organizations and
| government agencies tend to have more
| secure applications from the get-go; more
| than half of their apps passed as
| acceptable in the first submission to
| testing, according to Veracode's report.
`----

http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml?articleID=223100875
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkuOnPEACgkQU4xAY3RXLo4abQCfT1NCvYBa6o4Oat4m98or+POj
dTEAoKXVzWyP2+NA/MtIsxCR2SNbFuWF
=m5FB
-----END PGP SIGNATURE-----

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index