Helping clients manage their technology for over 30 years.

Application security: As apps proliferate, so do vulnerabilities

Application Security by Quest

These days, two-thirds of all applications rely on open-source components. While open source has many virtues, it also has a key vice: once an open source component is integrated into an application, that app inherits any vulnerabilities it contains.

Further, whenever that application is referenced by other software, the inheritance of the initial vulnerability persists. The 2014 Heartbleed bug occurred in this way, and some version of this issue is likely to keep happening because most vendors don’t list all the third-party components their software relies on.
Continue reading

Application Security Scanning Can Save Your Business

Magnifying glass photograph

Web and mobile applications are everywhere, often working 24×7. They handle login pages, shopping carts, webmail, support and product request forms, content management systems, and much more.

These apps perform in numerous client-side browser and operating system environments, and can be deployed quickly, just about anywhere, and at little or no cost. Although they may be developed in-house, many are acquired from third parties. More than 90% of enterprises use third-party offerings in their mobile BYOD efforts, according to Gartner. Continue reading

98% of Apps are Insecure — Here’s How You Can Protect Yours

Mobile phone with password on screen to illustrate mobile security services

Sadly, one can make the argument that if software vendors did a better job of integrating security testing throughout the development lifecycle, our current struggles with application security might be less challenging.

In fact, however, software vendors are late to the party. Their security testing tends to be tacked on to the end of development lifecycles as an afterthought, which may account for one recent study’s startling conclusions that:

  • 98% of applications carry at least one application security risk (and each risk may signal the presence of multiple vulnerabilities)
  • 80% of applications showed more than five risks
  • The average application registered 22.4 risks

Continue reading

Apps, Apps Everywhere — But How Secure Are Yours

Did you know that your applications are the most vulnerable part of your IT operations?

iPhone with lock to symbolize Cloud Security. Cloud in background

These days, problems with apps — many of them web-based apps — account for the majority of information security breaches. Over the last year or so, and going forward, application-level attacks have emerged as the preferred vector for gaining access to sensitive (and valuable) data. What’s more, the threats are becoming increasingly acute as complex web apps, as well as mobile apps, play ever greater roles in our business and personal activities.

App vulnerabilities for sale — cheap at the price? Continue reading