Report: High percentage of apps with security vulnerabilities in the first year
A new report shows that a third of apps, or 32%, have a security vulnerability within a year of their launch, and that the number rises to more than two-thirds, or 70%, by the fifth year.
According to a report by software company Veracode, organizations should check for vulnerabilities early and regularly in several ways to reduce the risk of serious problems in the future.
The company said that as applications are developed and time passes after their launch, security vulnerabilities accumulate, increasing technical or security "debt".
Ignoring vulnerabilities early can lead to significant costs later, according to Veracode, citing a recent report that data breaches can now cost an average of $4.35 million.
To prevent this, developers should take several steps to reduce the risk of fatal errors, including training developers and using different types of analysis and debugging, e.g. API analysis.
The company added that the frequency of checking is also an important factor, and that accumulated security and technical vulnerabilities must be corrected as soon as possible, with priority given to automation and security training for developers and to setting up application life cycle management, including change management, resource allocation, and agreement on governance controls.
“Using a Software Configuration Analysis (SCA) solution that leverages multiple sources of vulnerabilities beyond the national vulnerability database, the team will be alerted as soon as they are discovered,” said Chris Ng, director of research at Veracode. “faster and more likely to implement protection before you start exploiting these vulnerabilities.”
"It is also advised to establish a company policy to identify and manage vulnerabilities and explore ways to reduce reliance on third parties," Ng added.