Veracode, a leading global provider of intelligent software security, today released research indicating applications developed by organisations in Europe, Middle East and Africa tend to contain more security flaws than those created by their U.S. counterparts. Across all regions analysed, EMEA also has the highest percentage of ‘high severity’ flaws, meaning they would cause a critical issue for the business if exploited. High numbers of flaws and vulnerabilities in applications correlate with increased levels of risk, which is particularly notable as software supply chain cyberattacks dominate headlines in 2023.
Researchers found that just over 80 percent of applications developed by EMEA organisations had at least one security flaw detected in their most recent scan over the last 12 months, compared to just under 73 percent of U.S. organisations. In addition, the percentage of applications containing ‘high severity’ flaws was the highest of all regions, at almost 20 percent.
“Our data shows that organisations globally are continuing to deploy a worrying number of applications with a high number of flaws in the CWE Top 25,” said Chris Eng, Chief Research Officer at Veracode. “We did, however, identify interesting regional differences, particularly in terms of third-party or open-source code usage and the ways in which vulnerabilities are introduced across the application lifecycle,” he continued.
Analysis of data collected from more than 27 million scans across 750,000 applications helped to produce Veracode’s latest annual report on the State of Software Security. This new report showcases the EMEA-specific findings from those scans and applications, including results from UK, Germany, France, Italy and across the Middle East and Africa.
Numbers alone don’t convey the consequences of hackers exploiting software ..
Support the originator by clicking the read the rest link below.
