Software Vulnerabilities Reaching 'Unacceptable' Levels
Shaun Nichols writes on v3.co.uk:
Developers are failing to meet industry security standards when creating new software, according to testing firm Veracode.
Data collected on 2,900 applications by the company's security verification service suggests that more than half of tested applications contain " unacceptable" levels of vulnerabilities.
Financial sector applications had the lowest vulnerability levels, and mission-critical applications in general were found to be less vulnerable.
Web-based applications were found to be particularly vulnerable, however. More than 80 per cent of submitted web applications contained errors listed in the Open Web Application Security Project's Top 10 risk list.
Sam King, vice president of product marketing at Veracode, told V3.co.uk that the high number of vulnerabilities in web applications could be down to the skill of the developer and heightened interest in testing web applications.