QA City

Join Hands to Build a Smarter India: Sign in | Join now
Most Popular

Survey Reveals Lack of Testing for Web Applications

By SiliconIndia   |   Tuesday, 25 September 2012, 06:13 Hrs
Print Email



Bangalore: Web applications are prone to attacks because of their “external facing nature.” Security attacks on web applications results in loss of important information such as sensitive and confidential corporate information or intellectual property. This security breach can be a blow to an organization’s long-term performance.



Building secure web applications which are resistant to attacks is essential to a company’s IT posture and the ambition of protecting critical data and corporate information.



In July 2012, Coverity commissioned Forrester Consulting to conduct a study. The study was conducted on 240 software developers and security influencers. It highlighted the present application security practices and identified key trends and market directions across companies.



According to the survey published on coverity.com it is found that:



?    Security incidents associated with applications are common and results in severe consequences.
?    Most companies still fight with the most basic flaws, such as Security.
?    Many organizations lack holistic or strategic way to application security.
?    Application development, security teams and goals are found to be in non aligned condition for optimized results.



More than half (51 percent) of the participants reported that they have experienced at least one web application security incident in less than 24 months since the beginning of the year 2011. 13 percent reported that they experienced five or more incidents.



As a result of security breaches, 18 percent of the respondents informed that they have experienced losses of at least $500,000 or more. 28 percent of them said thay don’t know the cost of their breaches.



59 percent of participants said that the breaches had a negative impact on their professional reputation. While only 56 percent and 52 percent of the respondents informed that the breaches affected their customer’s confidence and damaged their brand name.



66 percent of the respondents who experienced more than 10 incidents said that they had trouble with default accounts and passwords and 55 percent reported security misconfigurations. A large majority (79 percent) reported that they have problems with scalability and budgets.



When respondents were asked to rank which categories of web application vulnerabilities present the biggest risk to their environments, 39 percent reported that SQL injection tops the list with an average of 5 to 10 incidents.



However, 41 percent of the developers revealed that the lack of time to market forced them not to give importance to security during the development phase.


Sign Up for QA Digest and Read the Day's Highlights
Don't Miss
Experts on QA
Anantha Prasanna Venkatesh  S
EHS Manager
L&T LTD
Vinay  Joshi
Software Engineer
NextGen Invent
Devesh  Maheshwari
Test Automation Lead
NBN Co Limited
Aparna  Gandhavalla
Sr.Quality Engineer
Logitech
Sagar  Koti
Team Lead
Pervazive Automation
Lokesh  Gupta
Software Development
Aditi Technologies
Abhinav  Jain
Talent Acquisition
HCL
Avishek  Mukhopadhyay
Analyst Programmer
Accenture
Write your comment now
 
Whitepapers
This report is the result of the largest public-private sector rese...
For those not familiar with the Coverity Scan™ service, i...
SiliconIndia About Us   |   Contact Us   |   Help   |   Community rules   |   Advertise with us   |   Sitemap   |  
News:       Technology   |   Enterprise   |   Gadgets   |   Startups   |   Finance   |   Business   |   Career   |   Magazine  |   Newsletter   |   News archive  
Cities:        CEO   |     Startup   |   Mobile   |   CIO   |   Women   |   BI   |   HR   |   SME   |   Cloud   |   Marketing   |   QA   |   Java   |   Web Developer  
Community:      Members   |   Blogs   |   Indian Entrepreneurs   |   Gyan   |   Advice   |   Community   |   Find   |   Events   |   CXO Insights  
Job Board:      Jobs   |   Freshers   |   Companies   |   HR Speak   |   Forum  
Online Courses:   Web Developer   |   Java Developer   |   CCNA Training   |   SEO   |   SAS   |   SQL Server 2005   |   J2EE
Education:   MBA   |   MCA   |   Engineering   |   Training Institute
Life:          Real Estate   |   Travel   |   Finance   |   Gadgets   |   Movie Reviews   |    Jokes  
Send your feedback and help us continue to improve SiliconIndia
© 2014 InfoConnect Web Technologies India Pvt Ltd. all rights reserved