1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Government ranks last in fixing software security holes

Discussion in 'CSO' started by RSS, Jun 23, 2015.

  1. RSS

    RSS New Member Member

    Three-quarters of all government Web and mobile applications fail their initial security reviews, making it the worst-performing vertical -- and government agencies are also the slowest at fixing vulnerabilities, according to a new report released today by Veracode.

    The report covers more than 200,000 applications analyzed over the past 18 months by the company. According to Chris Wysopal, CTO and CISO at Veracode, the application could be newly-written software, or legacy applications being sent to Veracode for the first time.

    The applications are scanned for the most common security flaws, such as SQL injections, cross-site scripting, weak cryptography, using components with known vulnerabilities, missing access controls and broken authorization.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page