Your Applications Are Not Safe

More

After testing more than 2,900 applications, Veracode, Inc., a Massachusetts-based risk management and Internet security company, found that more than half of them didn't meet "acceptable levels of security," according to a report released as part of the Gartner Security and Risk Management Summit held in London on Wednesday.

The results were based on tests done to a wide variety of applications that were submitted over the past 18 months to the company's cloud-based platform.

"In the past six months alone there have been multiple new zero-day vulnerabilities ... that reinforce concerns about unknown weaknesses lurking in everyday software," reads the press release that accompanies the report, "State of Software Security Report: Volume 2." Zero-day vulnerabilities refer to holes in the software that could be exploited by an attacker or virus on the same day that they become generally known. Without any time to respond, the developer is unable to distribute a fix.

The report also found that more than half of the submitted applications failed even when they lowered the security bar.

According to the report, eight out of every ten applications tested by the company would fail a different test, the PCI audit, too. That worldwide standard for peripheral devices was developed by the PCI Security Standards Council to spot potential problems with credit card fraud and protect consumers.

The only bright spot in the entire report is a note that security flaws are being identified and patched quicker than ever. Still, it takes an average of 16 days for organizations to repair the flaws in their applications, leaving customers vulnerable in the meantime.

Jump to comments
Presented by

Nicholas Jackson is a former associate editor at The Atlantic.

Get Today's Top Stories in Your Inbox (preview)

Sad Desk Lunch: Is This How You Want to Die?

How to avoid working through lunch, and diseases related to social isolation.


Elsewhere on the web

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register. blog comments powered by Disqus

Video

Where Time Comes From

The clocks that coordinate your cellphone, GPS, and more

Video

Computer Vision Syndrome and You

Save your eyes. Take breaks.

Video

What Happens in 60 Seconds

Quantifying human activity around the world

Writers

Up
Down

More in Technology

Just In