Which Web Programming Language Is Most Secure?

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Next Which Web Programming Language Is Most Secure?-6 Next

Remediation remains a key factor

Other interesting remediation statistics:

  • ASP is remediating at the same rate as the other languages, focusing on mission-critical vulnerabilities.
  • Perl remediates 85 percent of all cross-site scripting vulnerabilities, the highest rate among all languages, but only 18 percent of SQL injection.
  • .NET and Java have the same remediation rate of SQL injection at 89 percent.
  • ColdFusion remediates 100 percent of its abuse of functionality vulnerabilities, 96 percent of its SQL injection, and 87 percent of insufficient transport layer protection vulnerabilities.

WhiteHat Security, a Web security company, recently announced the latest edition of the "WhiteHat Security Website Security Statistics Report," which takes a deeper look into the security of a number of the most popular programming languages, including .NET, Java, ColdFusion, ASP and more.

"Deciding which programming language to use is often based on considerations such as what the development team is most familiar with, what will generate code the fastest, or simply what will get the job done," said Jeremiah Grossman, founder and iCEO of WhiteHat Security. "How secure the language might be is simply an afterthought, which is usually too late.

"As an industry we lack sufficient security data that teams can rely on in the language selection process for their project," continued Grossman. "This report approaches application security not from the standpoint of what risks exist on sites and applications once they have been pushed into production, but rather by examining how the languages themselves perform in the field. In doing so, we hope to elevate security considerations and deepen those conversations earlier in the decision process, which will ultimately lead to more secure websites and applications."

WhiteHat researchers examined the vulnerability assessment results of the more than 30,000 websites under WhiteHat Security management to measure how the underlying programming languages and frameworks perform in the field. With that information, the report yields key findings around which languages are most prone to which classes of attack, how often and for how long, as well as a determination as to whether popular modern languages and frameworks yield similar results in production websites.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.