BANGALORE, INDIA: More than half of all software failed to meet an acceptable level of security, and 8 out of 10 web applications failed to comply with the OWASP Top 10 security requirements, with cross-site scripting (XSS) the most prevalent of all vulnerabilities, states the newly released Volume 2 of the State of Software Security by Veracode, a cloud risk-based security specialist.
In its study of more than 2,900 web applications over the last 18 months, Veracode says that over the last six months there have been multiple new zero-day vulnerabilities reported in Microsoft Windows, along with widely covered uneasiness about the security of mobile apps, cloud service providers and SCADA systems.
The following are some of the most significant findings in the State of Software Security Volume 2, representing 2,922 applications assessed in the last 18 months by Veracode SecurityReview, a cloud-based application risk management services platform.
1. More than half of all software failed to meet an acceptable level of security and 8 out of 10 web applications failed to comply with the OWASP Top 10
2. Cross-site Scripting remains the most prevalent of all vulnerabilities
3. Third-party applications were found to have the lowest security quality
4. Developers repaired security vulnerabilities quickly
5. Suppliers of Cloud/Web applications were the most requested third-party assessments
6. No single method of application security testing is adequate by itself
7. The security quality of applications from Banks, Insurance, and Financial Services industries was not commensurate with their business criticality