1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Why are there still so many website vulnerabilities?

Discussion in 'CSO' started by RSS, Jun 19, 2015.

  1. RSS

    RSS New Member Member

    The cracks in the armor of most enterprise websites are many including recurring holes in OpenSSL, PHP, and WordPress and are largely due to a combination of extensive customizations paired with a shortage of testing and fixing of vulnerabilities when compared with that of long-standing commercial OS software.

    CSO Magazine traverses the treacherous terrain of the massive security craters present in today’s websites. Find out what it takes to fix these holes from the start and throughout the development life cycle.

    So many Website security punctures and protrusions

    “The primary cause for constant and recurring website (and web application) vulnerabilities is the heavily-modified to fully custom-developed nature of these technologies,” says David J. Venable, CISSP, director, Masergy Communications & former intelligence collector, the NSA. The result is largely untested sites and applications that do not undergo the same rigorous and thorough testing that most commercial software packages such as operating systems and server packages do.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page