The Programmer News Hubb

Report: over 30% of applications contain flaws at first scan

by admin
January 11, 2023
in Technical Insights


Veracode, provider of modern application security testing solutions, today released the results of the Veracode State of Software Security 2023 report, revealing that flaw buildup over time poses a real issue for many businesses.

According to the report, nearly 32% of applications are found to have flaws at the first scan, jumping to almost 70% once they have been in production for five years. 

“As with all our studies, we set out to provide insights that developers can put into action right away. From this year’s findings, two important considerations emerged: how to lower the chance of flaws being introduced in the first place, and how to reduce the number of those flaws that are introduced. Aside from technical access controls, secure coding practices are all the more crucial for cybersecurity in 2023 and beyond,” said Chris Eng, chief research officer at Veracode.

The report also stated that after the initial scan, most apps enter a safety period of about a year and a half, where 80% do not take on any new flaws.

Furthermore, it was found that developer training; use of multiple scan types, including scanning via API; and scan frequency all play a role in the reduction of flaw introduction.

The report stated that going months between scans directly correlates with an increased chance that flaws will be found when a scan is eventually run. Additionally, it found that the top flaws in apps vary by testing type, indicating that utilizing multiple scan types ensures that even hard-to-identify flaws are caught.

Key takeaways from the report include: 

  • Companies should be working to get a handle on technical and security debt as quickly as possible to avoid flaw accumulation
  • Prioritize automation and developer security training in order to offer insight into which vulnerabilities an app is most at risk for as well as techniques to avoid the introduction of flaws 
  • Have an application lifecycle management protocol in place that includes change management, resource allocation, and organizational controls

The Veracode State of Software Security 2023 report looked at over three quarters of a million applications across commercial software suppliers, software outsourcers, and open-source projects. To read the full report, click here.




© 2022 The Programmer News Hubb All rights reserved.
