[July 20, 2017]

New Netsparker Survey Finds Vulnerable Web Applications Make Web Developers an Easy Target, Even When Working Behind a Firewall
Netsparker Ltd., a leading player in the web applications security
industry, has released survey results showing that most software
developers make themselves easy targets for hackers, even when they are
behind a corporate firewall. The primary reason is not that their web
server software is out of date, however. Instead, it is largely the
result of developers running vulnerable web applications on their
computers even when they are protected by a firewall, therefore
jeopardizing a corporation's network and data.
While firewalls are essential for security and protecting sensitive
data, they are not a one-fix solution for vulnerable web applications.
Unfortunately, many assume that security measures like firewalls are
enough to prevent "bad actors" from getting inside a developer's web
browser.
Key Findings
Propeller Insights conducted the recent survey of web developers for Netsparker
from July 5-7, 2017. The objective was to understand how and why web
applications development environments, regardless of size, location or
vertical market served, are so inviting to "bad actor" mischief.
The research effort and analysis look at the level of risk and
developers' roles in making the job of hackers easy when it comes to
stealing or compromising mission-critical enterprise digital assets even
before they are generally available internally and externally.
The survey of U.S.-based software developers, sampled from a broad
cross-section of vertical markets, government entities and organization
sizes, found:
- 81 percent of respondents run their software on a web server
- 89 percent claimed they keep their web server software up to date
- 52 percent say they run vulnerable/undeveloped web applications on
  their server
- 55 percent are running web apps in development on servers directly
  connected to the internet
- 32 percent admitted to hardening the web applications on their test
  environment
"These statistics should be no surprise to anyone," said Netsparker CEO
Ferruh Mavituna. "Yes, developers are patching their web servers, but
they are still running vulnerable web applications, which is what makes
them a target. Fifty-two percent admit that they run vulnerable
half-developed web applications on their web server. That's worrisome,
especially since 55 percent claim that these same web applications can
be connected directly to the internet."
The survey findings illustrate the reality that enterprises approach
securing their digital assets based on a holistic approach focusing on
value creation, testing and dissemination processes. Indeed, while much
web security and broader IT risk management attention is paid to the
protection of the web servers, the failure to address vulnerabilities in
software development processes and practices poses as much, if not
greater, risks.
For more information about the survey results and recommendations on how
best to secure application software, visit www.netsparker.com.
About Netsparker Ltd.
Netsparker was founded in 2009 and develops a web application security
scanner. The scanner's accurate scanning technology led to early
success, and Netsparker is now a recognized leader in the web
application security industry.
Netsparker can identify vulnerabilities in any type of modern and custom
web applications, regardless of the architecture or platform they are
built with. Upon identifying a vulnerability, the Netsparker scanner
uniquely generates a proof of exploit to identify a false positive.
Netsparker is available as desktop software and as a cloud service. It
is trusted and used by world-renowned organizations from all industry
verticals, including Samsung, NASA, Microsoft, ING Bank and Ernst &
Young.
View source version on businesswire.com: http://www.businesswire.com/news/home/20170720005284/en/