88 Percent of Java Apps Susceptible to Widespread Attacks from Known Security Defects, According to New Research from CA Veracode

The 2017 State of Software Security Report also shows that approximately 53.3 percent of Java applications rely on a vulnerable
version of the Commons Collections components. Even today, there are just as many applications using the vulnerable version as there were in 2016. The use of components in application development is common practice as it allows developers to reuse functional code – speeding up the delivery of software. Studies show that up to 75 percent of a typical application’s code is made up of open source components

Wysopal continued, “development teams aren’t going to stop using components – nor should they. But when an exploit becomes available,
time is of the essence. Open source and third party components aren’t necessarily less secure than code you develop in-house, but keeping an up-to-date inventory of what versions of a component you are using. We’ve now seen quite a few breaches as a result of vulnerable components and unless companies start taking this threat more seriously, and using tools to monitor component usage, I predict the problem will intensify.

To read the original article:

http://www.itsecurityguru.org/2017/10/19/88-percent-java-apps-susceptible-widespread-attacks-known-security-defects-according-new-research-ca-veracode/

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *