Survey Reveals Lack of Testing for Web Applications

By SiliconIndia

Bangalore: Web applications are prone to attacks because of their “external facing nature.” Security attacks on web applications result in the loss of important information such as sensitive and confidential corporate information or intellectual property. Such a security breach can be a blow to an organization’s long-term performance.

Building secure web applications that are resistant to attacks is essential to a company’s IT posture and to the goal of protecting critical data and corporate information.

In July 2012, Coverity commissioned Forrester Consulting to conduct a study. The study surveyed 240 software developers and security influencers. It highlighted present application security practices and identified key trends and market directions across companies.

According to the survey published on it is found that:

- Security incidents associated with applications are common and result in severe consequences.
- Most companies still struggle with the most basic flaws, such as Security.
- Many organizations lack a holistic or strategic approach to application security.
- Application development teams, security teams and their goals are not aligned for optimized results.

More than half (51 percent) of the participants reported that they have experienced at least one web application security incident in less than 24 months since the beginning of the year 2011. 13 percent reported that they experienced five or more incidents.

As a result of security breaches, 18 percent of the respondents said that they have experienced losses of $500,000 or more. 28 percent of them said they don’t know the cost of their breaches.

59 percent of participants said that the breaches had a negative impact on their professional reputation, while only 56 percent and 52 percent of the respondents said that the breaches affected their customers’ confidence and damaged their brand name, respectively.

66 percent of the respondents who experienced more than 10 incidents said that they had trouble with default accounts and passwords and 55 percent reported security misconfigurations. A large majority (79 percent) reported that they have problems with scalability and budgets.

When respondents were asked to rank which categories of web application vulnerabilities present the biggest risk to their environments, 39 percent reported that SQL injection tops the list with an average of 5 to 10 incidents.

However, 41 percent of the developers revealed that time-to-market pressure forced them not to give importance to security during the development phase.
