Three quarters of companies think they are vulnerable to hacking

08 June 2009

Seventy-three percent of IT professionals admit their software applications are vulnerable to hackers, according to a survey conducted by application security specialists Fortify Software at this year’s Infosecurity Europe in London.

Although the figure is down by eight percent from last year’s survey, Fortify finds the results disturbing.

Barmak Meftah, senior vice president, products & technologies at Fortify Software, said: “Although pleased by a reduction in respondents who admit their software applications are vulnerable to attack, eight percent simply isn’t good enough. Today, such an informed audience shouldn’t be citing security concerns as bottom of anyone’s mind or worse not considered a priority. Businesses really should be looking to alleviate the security risks in their applications and achieve software security assurance so that they don’t have to face the expense and embarrassment of being hacked.”

Almost half (46%) of the IT professionals said that hacking at the application level is the easiest way into a company, an increase of a third over 2008 results, Fortify said. Five percent said that 76-100% of hacks are targeted at applications.

Furthermore, a third of respondents said they believe buying external applications could pose a greater security threat than writing them in-house, but worryingly, 35% did not consider checking these externally procured applications for flaws and vulnerabilities.

Over half (55%) of the IT professionals said they are worried about application security because it has not been made a priority for the developers. Perhaps even worse, 21% expressed concern because application security seems to be at the bottom of people’s minds. At the same time, 23% of respondents said there has been an increase in attacks since the start of the economic downturn, with 26% of respondents having fallen victim to at least one instance of hacking over the last year.
