sponsored by Veracode, Inc.
Posted:  28 Feb 2011
Published:  28 Feb 2011
Format:  PDF
Length:  36  Page(s)
Type:  White Paper
Language:  English
ABSTRACT:

The State of Software Security is a semi-annual report that draws on continuously updated information in Veracode’s cloud-based application risk management services platform. Unlike a survey, the data comes from actual code-level analysis of billions of lines of code and thousands of applications.

The resulting security intelligence cannot be found anywhere else. It represents multiple testing methodologies(static binary, dynamic, and manual) on the full spectrum of application types (components, shared libraries, web and non-web applications) and programming languages (including Java, C/C++, .NET, ColdFusion, and PHP) from every part of the software supply chain (Internally Developed, Open Source, Outsourced, Commercial). For those executives, security and development professionals who want to better understand the vulnerabilities that threaten the integrity and performance of software in the software supply chain, this series of reports is essential reading.

In Volume 2 of the State of Software Security there are nearly 1,400 more applications than in the inaugural report, reflecting the growing use of independent, cloud-based application risk management services. As before, the report first examines the security quality of applications by type of supplier in the software supply chain and then explores application security by language, industry, and by application type across both web and non-web applications.

New in Volume 2 are data from third-party assessments, the first inclusion of PHP and ColdFusion applications, a comparison of static binary, dynamic, and manual testing effectiveness, and additional analytics on Financial industry applications.






BROWSE RELATED RESOURCES
Application Monitoring | Cross-Site Scripting | Risk Management | Security Best Practices | Security Industry | Software Best Practices

View All Resources sponsored by Veracode, Inc.

About TechTarget:

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines

All Rights Reserved, Copyright 2000 - 2014, TechTarget | Read our Privacy Statement