Veracode released it’s annual report of State of Software Security, an research on software vulnerability trends and predictions in how these flaws could be exploited if left unaddressed.
The research suggest a rise on “everyday hackers” caused by the availability of information. Which makes it possible for less technically skilled hackers to take advantage of relatively simple vulnerabilities like SQL injections
“Despite significant improvements in awareness of the importance of securing software, we are not seeing the dramatic decreases in exploitable coding flaws that should be expected,” – said Chris Eng, vice president of research, Veracode.
The study found out that most of security breaches and data loss situations is insecure software. Approximately 70 percent of the software failed to comply with enterprise security policies.
“The amount of risk an organization accepts should be a strategic business decision – not the aftermath of a particular development project,” — Chris Wysopal, co-founder and CTO, Veracode.