NEWS - April 17, 2012
by Carol~ - 4/17/12 5:06 AM
Website vulnerabilities fall, but hackers become more skilled
"Developers introduced 148 serious flaws on an average per website in 2011, according to WhiteHat Security"
The number of coding mistakes on websites continues to fall but companies are slow to fix issues that could be exploited by hackers working with improved attack tools, a security expert said.
The average number of serious vulnerabilities introduced to websites by developers in 2011 was 148, down from 230 in 2010 and 480 in 2009, said Jeremiah Grossman, chief technology officer for WhiteHat Security, which specialises in testing websites for security issues. Grossman spoke on the sidelines of the Open Web Application Security Project conference in Sydney on Monday.
The vulnerabilities are contained within custom website code and are not issues that can be fixed by applying patches from, for example, Microsoft or Oracle, Grossman said. According to WhiteHat Security statistics, it takes organisations an average of 100 days to fix about half of their vulnerabilities.
The risk is that vulnerabilities which haven't been speedily remedied could be found by a hacker, resulting in a high-profile data breach such as those that affected Sony, the analyst firm Stratfor Global Intelligence, and AT&T.
Continued : http://news.techworld.com/security/3351498/website-vulnerabilities-fall-but-hackers-become-more-skilled/