QA City

Join Hands to Build a Smarter India: Sign in | Join now
Most Popular

The Need to Identify the Weakest Link in the Application

By SiliconIndia   |   Tuesday, 11 December 2012, 21:26 Hrs
Print Email


Bangalore: Every company either small or large contains a huge amount of confidential information which might be very sensitive. There are different tactics to protect the data such as strong passwords, Firewalls and encryption but, do you know that the hackers who are constantly keeping an eye on this information might be one step ahead of you than you could imagine? Hackers target the weakest link in any software.

In an organization, software is used for keeping HR records, email, accounts, document management and payroll. 70 percent of applications which are produced within the organization are licensed by the vendors and almost 65 percent are sourced externally. Judy Shelby on law.com reports that about 80 percent of the software bought from the vendors failed in the security compliance according to the PwC's 2012 Security Report.

Veracode Inc. also noted some of the errors detected in third-party web applications as given on “Open Web Application Security Project (OWASP) Top 10.” 40 percent of these applications highly detected flaws. So every business should learn that all outsourced application contains data breach risk due to the possibility of security errors.

Sometimes some of the security threats might not be identified immediately after it’s purchased; you have to use it in your business to find it. BYOD or bring your own device prevalence in organizations for employees brings in insecurity to company data. The hackers get an easy access point to hack your confidential company data.

One way to take precautions is by independent verification of the software security throughout business supply chain and automatic security testing for vendor supplied applications. In addition to this, companies should make sure vendors and third parties submit the security testing before acquiring the software and make the purchase agreement.


Sign Up for QA Digest and Read the Day's Highlights
Don't Miss
Experts on QA
Sasank Taraka Kumar
QA Lead
RAM Informatics Ltd
Ramesh  Letchumanan
Testing Engnr
R and D Tech
Shridhar  Vaidya
QA Engineer
Cybage Software
Nishu  Miglani
CEO
Quest consultants
Meena  Mohan
Sr. Software Eng.
Huawei Technologies
Manish  Potdar
Associate Director
Cognizant
Uma  Maheswari Balasubramani
Sr Software Engineer
IBM
Mukesh  Jarial
Software Engineer
Interglobe
Write your comment now
 
Whitepapers
This report is the result of the largest public-private sector rese...
For those not familiar with the Coverity Scan™ service, i...
SiliconIndia About Us   |   Contact Us   |   Help   |   Community rules   |   Advertise with us   |   Sitemap   |  
News:       Technology   |   Enterprise   |   Gadgets   |   Startups   |   Finance   |   Business   |   Career   |   Magazine  |   Newsletter   |   News archive  
Cities:        CEO   |     Startup   |   Mobile   |   CIO   |   Women   |   BI   |   HR   |   SME   |   Cloud   |   Marketing   |   QA   |   Java   |   Web Developer  
Community:      Members   |   Blogs   |   Indian Entrepreneurs   |   Gyan   |   Advice   |   Community   |   Find   |   Events   |   CXO Insights  
Job Board:      Jobs   |   Freshers   |   Companies   |   HR Speak   |   Forum  
Online Courses:   Web Developer   |   Java Developer   |   CCNA Training   |   SEO   |   SAS   |   SQL Server 2005   |   J2EE
Education:   MBA   |   MCA   |   Engineering   |   Training Institute
Life:          Real Estate   |   Travel   |   Finance   |   Gadgets   |   Movie Reviews   |    Jokes  
Send your feedback and help us continue to improve SiliconIndia
© 2014 InfoConnect Web Technologies India Pvt Ltd. all rights reserved