Tuesday, January 17, 2023

Researchers Warn Against A Massive Number Of Apps Carrying Security Flaws In Their First Year Of Existence

We’re starting off 2023 with some not-so-great news, thanks to security researchers finding major flaws in new apps.

A recent study is ringing alarm bells for apps that were recently launched or developed. And a great number of them are filled with security flaws. Think along the lines of 32% carrying such flaws and by age five, the study shows how it would massively grow further to nearly 70%.

The report comes to us thanks to Veracode which highlights how firms are now required to scan mistakes early on in time and in different ways to minimalize the probability of being affected by massive issues down the lane.


A staggering amount of apps were evaluated through the likes of suppliers linked to commercial software, outsources for that software, and several open source projects too. They found that after introducing flaws, such apps tend to reach a phase called the honeymoon period linked to stability. Around 80% of those fail to include major flaws during the initial period.

It’s an expensive mistake as developers tend to get lazy again and the number of new flaws getting introduced for this code climbs to nearly 35% after a period of five years. And ignoring this could result in massive costs later on, as average costs linked to such breaches maybe $4.3 million.

Developers really need to do a number of things to ensure such mistakes don’t happen in the future and that entails training their developers and using different types of scans such as those through API.

The frequency with which such scans arise is an integral factor as explained in the report. So experts feel it’s necessary to tackle issues linked to technical as well as secured debt while prioritizing automation and training for developers in terms of how to remain secure. Other bases to touch upon include allocating resources and keeping a check on the organization.

The scan took place over a span of one year and that’s when 74% of apps were found to entail at least one major flaw As far as language is concerned, it was JavaScript that had the least number of flaws

But even though Javascript might be leading the pack of top-performing apps by language, you need to remember that it’s written by humans. Therefore, the likelihood of errors is more as humans are just as capable of letting errors in as the system.

Similarly, you’ll find that top flaws do vary by the type of scan performed and that’s why it’s important to use a number of scans when searching for a particular flaw that’s easily detected by a single type of scan.

When you look at .Net apps, you’ll notice how the tech debt starts decreasing and that means developer teams for these apps get a little more than 50% of the flaws.

The take-home message of the report is simple, an ounce of prevention will result in a pound of cure so it’s best to be safe with scans of various types.

Read next: 54% of Marketing Firms Plan to Increase Budgets
by Dr. Hura Anwar via Digital Information World

No comments:

Post a Comment