Which Web Programming Language Is Most Secure?

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Which Web Programming Language Is Most Secure?-2 Next

New vs. legacy languages

To lay the foundation for the research, the team first examined the volume of languages in the field, and found, unsurprisingly, that .NET, Java and ASP are the most widely used programming languages, at 28.1 percent, 25 percent and 16 percent, respectively. Legacy programming languages that have been around for decades, PHP (11 percent), ColdFusion (6 percent), and Perl (3 percent) rounded out the remaining field.

The popularity and complexity of .NET, Java and ASP mean that the potential attack surfaces for each language is larger; as such, 31 percent of vulnerabilities were observed in .NET, 28 percent were found in Java, and 15 percent were found in ASP.

WhiteHat Security, a Web security company, recently announced the latest edition of the "WhiteHat Security Website Security Statistics Report," which takes a deeper look into the security of a number of the most popular programming languages, including .NET, Java, ColdFusion, ASP and more.

"Deciding which programming language to use is often based on considerations such as what the development team is most familiar with, what will generate code the fastest, or simply what will get the job done," said Jeremiah Grossman, founder and iCEO of WhiteHat Security. "How secure the language might be is simply an afterthought, which is usually too late.

"As an industry we lack sufficient security data that teams can rely on in the language selection process for their project," continued Grossman. "This report approaches application security not from the standpoint of what risks exist on sites and applications once they have been pushed into production, but rather by examining how the languages themselves perform in the field. In doing so, we hope to elevate security considerations and deepen those conversations earlier in the decision process, which will ultimately lead to more secure websites and applications."

WhiteHat researchers examined the vulnerability assessment results of the more than 30,000 websites under WhiteHat Security management to measure how the underlying programming languages and frameworks perform in the field. With that information, the report yields key findings around which languages are most prone to which classes of attack, how often and for how long, as well as a determination as to whether popular modern languages and frameworks yield similar results in production websites.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.