RSS feed Get our RSS feed

News by Topic

BizReport : Mobile Marketing : October 18, 2017

Marketers: Java apps vulnerable to attack

While the mobile space continues to be a hot property for marketers, it may also be a dangerous place. According to new data from Veracode, most (88%) of Java apps are susceptible to security attacks.

by Kristina Knight

The last thing a marketer wants is for their customers to be hacked, but some apps are putting security up for grabs. Veracode has released the 2017 State of Software Security Report which indicates that while most Java-based apps have at least one security risk, fewer than one-third (28%) of businesses are regularly analyzing apps to determine if one of these vulnerabilities has been built in to their apps.

"The universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications - making many of them breachable with a single exploit," said Chris Wysopal, CTO, CA Veracode. "Development teams aren't going to stop using components - nor should they. But when an exploit becomes available, time is of the essence. Open source and third party components aren't necessarily less secure than code you develop in-house, but keeping an up-to-date inventory of what versions of a component you are using. We've now seen quite a few breaches as a result of vulnerable components and unless companies start taking this threat more seriously, and using tools to monitor component usage, I predict the problem will intensify."

What is a marketer to do about this? First, begin testing apps your company uses to determine if a vulnerability has been left open. Then, if a vulnerability is there, contact your developer to contain the issue.

Tags: app vulnerability, Java attacks, mobile apps, mobile marketing, Veracode

Subscribe to BizReport



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.