CEO Nish Bhalla quoted in Infosec Island 'Why Are We Failing at Software Security?'

May 1, 2013

A recent report by Veracode found that 70% of applications fail to comply with enterprise security policies - a 10% jump over last year. An earlier report by HP found similarly dismal numbers when it comes to application threats. Major software breaches occur regularly at the highest levels.

At the same time, application security threats are well-known and documented in the industry. The OWASP Top 10 has been around for many years. If developers simply completed a comprehensive set of software security requirements, it would eliminate a high percentage of the most serious application vulnerabilities.

So why are we failing at software security?

Read the rest here: http://infosecisland.com/blogview/23120-Why-Are-We-Failing-at-Software-Security.html

CEO Nish Bhalla quoted in Business Courier 'Threatened cyberattacks on banks doesn't materialize...'

CEO Nish Bhalla quoted in Chain Store Age 'Six Most Common Mobile App Security Mistakes.'

Welcome to our resources hub!

CEO Nish Bhalla quoted in Infosec Island 'Why Are We Failing at Software Security?'

Previous Article

Next Article

CEO Nish Bhalla quoted in Infosec Island 'Why Are We Failing at Software Security?'

Previous Article

Next Article

Most Recent Articles

Report finds that cloud adoption remains a top IT priority for 2021, with over half of study participants stating that security requirements and integrations with on-premise technology are their bigge

Leader in Balanced Development Automation will incorporate ISASecure standards within SD Elements and contribute expertise to ISA Security Compliance Institute as a voting technical member

Leader in Balanced Development Automation will incorporate ISASecure standards within SD Elements and contribute expertise to ISA Security Compliance Institute as a voting technical member

To avoid penalties and meet government agency requirements, IoT device manufacturers must adhere to new standards and regulations. Learn the latest here.

A recent study found just 25% of organizations conduct threat modeling during the early phases of software development—requirements gathering and design—before proceeding with application development.

This study provides a better understanding of the current state of threat modeling with a specific focus on the challenges organisations face in scaling threat modeling in apps they build and deploy.

This study provides a better understanding of the current state of threat modeling with a specific focus on the challenges organisations face in scaling threat modeling in apps they build and deploy.

Software development in an organization has focused on speed of delivery, speed of response, speed of testing and so on blinding us to the fact that we need to be safe, secure and legally compliant

Looking at least one decade into the future, I believe we will see significant advancements in three areas by 2030 as a result of AI – personal assistance devices, genomics, and space exploration.

Organizations need to rethink their approach to threat modeling or risk losing its value as a key defense in their cybersecurity arsenals.

A more unified approach to governance, can close the gap and give stakeholders stronger assurances, but first, both business and technical sides of the organization need to get on the same page.