Applications Move to the Top of the Security Agenda

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Previous Applications Move to the Top of the Security Agenda-1 Next

Click through for findings from a recent survey by Fortify Software.

After spending billions of dollars trying to secure network perimeters, IT organizations are discovering, sometimes through painful experience, that hackers and developers of various forms of malware are increasingly focused on compromising applications.

That only makes sense because, after all, that’s where the valuable data is. At the same time, these attacks are getting more targeted in order to fly under the radar of security solutions that are designed to look for specific types of signatures. The end result is not only more dangerous attacks, but also ones that are increasingly invisible to IT organizations.

The end result is that no one is really sure how many applications are compromised. But according to a recent survey of 300 IT professionals that was conducted by Fortify Software at the recent Infosecurity Europe 2010 conference, 56 percent said software in use within their organization was compromised. Worse yet, 16 percent said maybe and 7 percent said they didn’t know.

Perhaps even more disturbing, 83 percent said that the commercial software they buy off-the-shelf comes with all kinds of unknown vulnerabilities, which accounts for why IT organizations spend so much time patching software these days.

Barmak Meftah, chief products officer for Fortify, says a big part of the problem is that application developers really don’t focus on security. It’s only when the security team sits down with developers to show them what they are doing to make it easy for outsiders to compromise their software that any real fundamental change takes place.

Meftah says application developers will be focusing a lot more on security with the advent of cloud computing, which in many cases comes with fairly detailed security requirements as part of the service level agreement mandated by the cloud computing provider.

What all this means is the security landscape as a whole is going through a profound transformation that will ultimately change the way application software is developed. In the meantime, it’s now incumbent on most IT organizations to access their application security because what worked well last year is increasingly becoming irrelevant today.


Related Topics : Vulnerabilities and Patches, Resellers, Broadcom, Broadband Services, Supercomputing

More Slideshows

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Global33-290x195 2017 and Beyond: How Digital Innovation Will Impact the World

Digital innovation is by far the biggest influencer, changing the way we do just about everything, from shopping to communication to running a business. ...  More >>

ArriaNLG-IoTAutomation0x Internet of Things Personified: Integration and Automation

The real value that the Internet of Things brings is at the intersection of gathering data and leveraging it. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.