QA City

Join Hands to Build a Smarter India: Sign in | Join now
Most Popular

Veracode Warns Enterprises that SOUP is a Recipe for Disaster

By SiliconIndia   |   Tuesday, 22 January 2013, 02:14 Hrs
Print Email

Bangalore:  Veracode, the leader in cloud-based application security testing, warns enterprises that serving up Software of Unknown Pedigree, or S.O.U.P, can lead to some major indigestion for the organization, with side effects including customer data loss, gaps in defense against hackers, and even corporate intellectual property theft. With use of vendor supplied software growing exponentially, it's important for enterprises to not let SOUP go untested.

Despite the fact that enterprises are lapping up more SOUP than ever, 84 percent haven't tested any of their vendor supplied applications. If they did, they might be surprised to learn that 80 percent of customer support applications, 76 percent of security applications and 59 percent of financial applications fail to comply with enterprise security policies, leaving data vulnerable.

The amount of risk these organizations are assuming by deploying untested SOUP is unsettling, but also unnecessary," said Chris Eng, vice president of research, Veracode. "Maintaining a healthy application security program can minimize risk and keep things running smoothly."

The good news is that enterprises are beginning to recognize and address these risks. In a new infographic, Veracode illustrates the recent trend in organizations saying no to SOUP and starting to test their vendor-supplied applications. A recent study by Veracode found 21 percent of financial services organizations tested its vendor-supplied software for flaws in the application code. Additionally, the software and IT services industry and the technology industry are upping their SOUP testing numbers, with 14 percent of each industry inspecting its outsourced software. Those enterprises with a programmatic approach to software testing have seen 52 percent of their applications achieve compliance.

Veracode recommends developing a programmatic approach to vendor software security testing and suggests making sure that above all, these security policies are communicated throughout the organization. Vendors should be held to the same security criteria as in-house developers to ensure the entire organization is approaching security with the same goal.

Sign Up for QA Digest and Read the Day's Highlights
Don't Miss
Experts on QA
Sasank Taraka Kumar
QA Lead
RAM Informatics Ltd
Dr Sanjay  Gupta
Lean Leader
Sudhir  Patnaik
Director Engineering
Intuit India
Seetharama  Shetty
Sr QA Analyst
Arctern Consulting
Kiran  Rayachoti
Sr Program Manager
Sapient Corporation
Bobin Motti  Thomas
Sr Tech. Associate
Tech Mahindra
Saudagar  Shinde
General Manager
TTP Technologies Pvt
Ramesh  Loganathan
VP Products
Progress Software
Write your comment now
This report is the result of the largest public-private sector rese...
For those not familiar with the Coverity Scan™ service, i...
SiliconIndia About Us   |   Contact Us   |   Help   |   Community rules   |   Advertise with us   |   Sitemap   |  
News:       Technology   |   Enterprise   |   Gadgets   |   Startups   |   Finance   |   Business   |   Career   |   Magazine  |   Newsletter   |   News archive  
Cities:        CEO   |     Startup   |   Mobile   |   CIO   |   Women   |   BI   |   HR   |   SME   |   Cloud   |   Marketing   |   QA   |   Java   |   Web Developer  
Community:      Members   |   Blogs   |   Indian Entrepreneurs   |   Gyan   |   Advice   |   Community   |   Find   |   CXO Insights  
Job Board:      Jobs   |   Freshers   |   Companies   |   HR Speak   |   Forum  
Online Courses:   Web Developer   |   Java Developer   |   CCNA Training   |   SEO   |   SAS   |   SQL Server 2005   |   J2EE
Education:   MBA   |   MCA   |   Engineering   |   Training Institute
Life:          Real Estate   |   Travel   |   Finance   |   Gadgets   |   Movie Reviews   |    Jokes  
Send your feedback and help us continue to improve SiliconIndia
© 2015 InfoConnect Web Technologies India Pvt Ltd. all rights reserved