Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Software applications have on average 24 vulnerabilities inherited from buggy components

Lucian Constantin | June 17, 2015
Many commercial software companies and enterprise in-house developers are churning out applications that are insecure by design due to the rapid and often uncontrolled use of open-source components.

"It is stunning to me that when you grab an application about a quarter of the components in it are vulnerable," he said. "And that doesn't even take into consideration the unknown, or zero-day, vulnerabilities."

And that's scary when we consider that the software being put into Internet-of-Things devices is no different than the one being put into commercial applications.

"I have encountered vulnerable open-source software in the remotely connected parts of automobiles that was exploitable and could put people's lives in danger," Corman said. "It's one thing when your website is compromised, or you have to get a new credit card, and another when entirely avoidable vulnerabilities are making their way into embedded systems in vehicles or medical devices."

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.