QA City

Join Hands to Build a Smarter India: Sign in | Join now
Most Popular

Survey Reveals Lack of Testing for Web Applications

By SiliconIndia   |   Tuesday, 25 September 2012, 06:13 Hrs
Print Email



Bangalore: Web applications are prone to attacks because of their “external facing nature.” Security attacks on web applications results in loss of important information such as sensitive and confidential corporate information or intellectual property. This security breach can be a blow to an organization’s long-term performance.



Building secure web applications which are resistant to attacks is essential to a company’s IT posture and the ambition of protecting critical data and corporate information.



In July 2012, Coverity commissioned Forrester Consulting to conduct a study. The study was conducted on 240 software developers and security influencers. It highlighted the present application security practices and identified key trends and market directions across companies.



According to the survey published on coverity.com it is found that:



?    Security incidents associated with applications are common and results in severe consequences.
?    Most companies still fight with the most basic flaws, such as Security.
?    Many organizations lack holistic or strategic way to application security.
?    Application development, security teams and goals are found to be in non aligned condition for optimized results.



More than half (51 percent) of the participants reported that they have experienced at least one web application security incident in less than 24 months since the beginning of the year 2011. 13 percent reported that they experienced five or more incidents.



As a result of security breaches, 18 percent of the respondents informed that they have experienced losses of at least $500,000 or more. 28 percent of them said thay don’t know the cost of their breaches.



59 percent of participants said that the breaches had a negative impact on their professional reputation. While only 56 percent and 52 percent of the respondents informed that the breaches affected their customer’s confidence and damaged their brand name.



66 percent of the respondents who experienced more than 10 incidents said that they had trouble with default accounts and passwords and 55 percent reported security misconfigurations. A large majority (79 percent) reported that they have problems with scalability and budgets.



When respondents were asked to rank which categories of web application vulnerabilities present the biggest risk to their environments, 39 percent reported that SQL injection tops the list with an average of 5 to 10 incidents.



However, 41 percent of the developers revealed that the lack of time to market forced them not to give importance to security during the development phase.


Sign Up for QA Digest and Read the Day's Highlights
Don't Miss
Experts on QA
Sasank Taraka Kumar
QA Lead
RAM Informatics Ltd
Ramesh  Letchumanan
Testing Engnr
R and D Tech
Shridhar  Vaidya
QA Engineer
Cybage Software
Nishu  Miglani
CEO
Quest consultants
Meena  Mohan
Sr. Software Eng.
Huawei Technologies
Manish  Potdar
Associate Director
Cognizant
Uma  Maheswari Balasubramani
Sr Software Engineer
IBM
Mukesh  Jarial
Software Engineer
Interglobe
Write your comment now
 
Whitepapers
This report is the result of the largest public-private sector rese...
For those not familiar with the Coverity Scan™ service, i...
SiliconIndia About Us   |   Contact Us   |   Help   |   Community rules   |   Advertise with us   |   Sitemap   |  
News:       Technology   |   Enterprise   |   Gadgets   |   Startups   |   Finance   |   Business   |   Career   |   Magazine  |   Newsletter   |   News archive  
Cities:        CEO   |     Startup   |   Mobile   |   CIO   |   Women   |   BI   |   HR   |   SME   |   Cloud   |   Marketing   |   QA   |   Java   |   Web Developer  
Community:      Members   |   Blogs   |   Indian Entrepreneurs   |   Gyan   |   Advice   |   Community   |   Find   |   Events   |   CXO Insights  
Job Board:      Jobs   |   Freshers   |   Companies   |   HR Speak   |   Forum  
Online Courses:   Web Developer   |   Java Developer   |   CCNA Training   |   SEO   |   SAS   |   SQL Server 2005   |   J2EE
Education:   MBA   |   MCA   |   Engineering   |   Training Institute
Life:          Real Estate   |   Travel   |   Finance   |   Gadgets   |   Movie Reviews   |    Jokes  
Send your feedback and help us continue to improve SiliconIndia
© 2014 InfoConnect Web Technologies India Pvt Ltd. all rights reserved