Why Don’t Developers Have a “Spellchecker” for Security?

Oct 31 2016

According to a report by Veracode, 61 percent of all internally developed applications failed a basic test of compliance with the OWASP Top 10 list on their first pass. And commercially developed software did even worse, with a 75 percent failure rate. Eliminating these basic vulnerabilities would go a long way towards making software more secure. And the earlier in the process they’re caught, the easier they are to fix. Currently, companies are testing for SQL injections or cross-site scripting once a week, or maybe once a quarter. “We need to make this a continuous process because the hackers are attacking companies continuously,” said CYBRIC. Read the full article.

