1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Report: Scripting languages most vulnerable, mobile apps need better crypto

Discussion in 'CSO' started by RSS, Dec 3, 2015.

  1. RSS

    RSS New Member Member

    According to an analysis of over 200,000 applications, PHP is the programming language with the most vulnerabilities, mobile apps suffer from cryptography problems, and developers are more likely to fix errors found with static instead of dynamic analysis.

    The report, by Boston-based security firm Veracode, was released this morning and is based on Veracode's assessment of more than a trillion lines of code for customers at large and small companies, commercial software suppliers, and open source projects.

    Scripting languages lead in vulnerabilities

    Overall, scripting languages like PHP had a much higher incidence of vulnerabilities than Java or .NET, said Chris Wysopal, Veracode's CTO and CISO.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page