News

Application vulnerabilities ranked highest risk among security professionals

Findings from a new report by Frost & Sullivan showed that secure software development is where the largest gap between risk and response attention exists, according to computer security professionals. In an extensive survey of over 12,000 security experts, 69 percent cited application vulnerabilities as the top security threat, followed closely by malware at 67 percent and mobile devices at 66 percent. Of the security breaches detected, survey respondents cited insecure software as a contributor in approximately 33 percent of cases.

One reason application vulnerabilities remain such a concern is their prevalence. Another recently released report, which explored global IT security issues, found that as zero-days declined year-over-year, the ease and low cost of exploiting applications made them the method of choice for cybercriminals seeking to carry out more widespread attacks.

"Vulnerabilities are much cheaper and easier to use than zero-days," said Secunia CEO Thomas Kristensen in an email to SearchSecurity. "Frankly, there is not much financial incitement to spend time and money on developing zero-days when there is so much vulnerable, unpatched software around."

One piece of good news in the surveys is that patch time has decreased among developers: only 20 percent of vulnerabilities are left without a security fix after the first day of disclosure, an 8 percent improvement from the previous year.

As both studies have observed, one of the reasons cybercriminals seek out vulnerable applications is to take advantage of an end user's lack of knowledge or their perceived indifference to the importance of software updates. Unfortunately, IT administrators and developers are acutely aware of the risks lax security behavior can lead to, and without proper education, such application vulnerabilities will continue to be common attack vectors.

Taking proactive measures toward securing data remains one of the biggest steps companies and developers can take to maintain clients' trust. Stop by Thawte, a recognized leader in security, and get the latest in code signing certificates.
