Skip to main content

Huge amounts of apps are developing security flaws in their first year

In their first year of existence, a third of apps (32%) carry security flaws, and by the age of five, this number grows to more than two-thirds (70%), new research has found. 

A new report from Veracode found businesses need to scan for flaws early, often, and in various ways, in order to minimize the chances of severe issues down the road.

The company analyzed more than three-quarters of a million applications across commercial software suppliers, software outsourcers, and open-source projects,  finding that after the initial introduction of flaws, the apps usually enter a “honeymoon period” of stability - almost 80% don’t introduce any new flaws for the first year and a half. 

Costly mistakes

After that, some devs start getting sloppy again, with the number of new flaws being introduced to the code climbing to roughly 35% after five years.

Ignoring to address security flaws early could result in huge costs down the road, Veracode says, citing recent reports that claim an average data breach now costs $4.35 million. 

Instead, developers should do a number of things to reduce the probability of flaw introduction, including developer training, and the use of multiple scan types - scanning via API included. 

The frequency of scans is also an important factor, the company added. Furthermore, they should tackle technical and security debt as early and as quickly as possible, prioritize automation and developer security training, and establish an application lifecycle management protocol that incorporates change management, resource allocation, and organizational controls. 

“Using a software composition analysis (SCA) solution that leverages multiple sources for flaws, beyond the National Vulnerability Database, will give advance warning to teams once a vulnerability is disclosed and enable them to implement safeguards more quickly, hopefully before exploitation begins,” said Chris Eng, Chief Research Officer at Veracode.

“Setting organizational policies around vulnerability detection and management is also recommended, as well as considering ways to reduce third-party dependencies.” 

Source: TechRadar

Popular posts from this blog

Android 12 will bring the end of third-party share menus

Apps like Sharedr will no longer be able to replace the default share dialog. What you need to know Third-party apps will not be allowed to replace the Android share menu in Android 12. You will no longer be able to set apps like Sharedr as the default. Google says it never intended to allow third-party apps to replace the official Sharesheet. One of Android 12 's biggest highlights is the new Material You design language, which brings major changes to nearly every key UI component. Android 12 will also introduce a major change to the way users share links and photos, according to a report from XDA Developers . On Android 11 , Google allows third-party apps and OEMs to fully customize the Android Sharesheet, which is the reason why the share dialog differs from one app to another. It is even possible to completely bypass the official Android Sharesheet by setting an app like Sharedr as the default Sharesheet. In addition to providing a more consistent experience, Sharedr

The new Amazon Fire HD 10 is growing into a viable productivity tablet

An already good entertainment device finally gets productive. Amazon has been busy churning out a whole host of new devices and upgrades to existing devices over the past several months. Earlier this year, I reviewed the excellent Echo Buds (2nd Gen) , and even the fantastic Echo Frames (2nd Gen), have since been updated to include options with sunglass and blue light filtering lenses . In early May, we also learned that Amazon was refreshing the Echo Show 5 and Echo Show 8 and that it was even rolling out its first Echo Show for kids . While newer and more novel products like the ones mentioned above often see a faster update cycle, more mature devices like Kindle e-readers and Fire tablets go longer between new versions. In fact, the last update to the Fire HD 10 line was back in 2019, so, understandably, Amazon was ready to reinvigorate its flagship tablet. Not only did it update the specs and colors on the Fire HD 10, but it also gave us a second version in the Fire HD 10 Plu

Wondershare Photo Collage Studio

Wondershare Photo Collage Studio Studio integrated workshop create albums of your digital photos Yes with this program you can create Albums wonderful from your digital photos and keep them you can create albums stunning so wonderful additions distinctive not imagine it The program supports hundreds of templates and frameworks that can be used during the creation of your album from your digital photos and keep your album in a computer Create beautiful albums and you can add a lot through this program distinctive and you can with this program, add effects beautiful and can set the time to add effects and allows you to program import all image formats and also features a unique interface easier for the professional user and the novice to use this program if you want to view images through your computer, this program will add a great aesthetic touch to browse your photos through this program is a wonderful experience import all image formats

Save $30 on Echo Dot (3rd Gen) Kids Edition

Echo Dot (3rd Gen) Kids Edition Echo Dot (3rd Gen) Kids Edition, an Echo designed for kids with parental controls - Blue List Price: $69.99 With Deal: $39.99 You Save: $30.00 (43%) Designed with kids in mind - They can ask Alexa to play music, hear stories, call approved friends and family, and explore a world of kid-friendly skills. Buy from USA Buy from UK .