New view on third party software risk for you .. and me
New view on third party software risk: Security report: Enterprises place reckless trust in third-party software suppliers : http://www.zdnet.com/security-report-enterprises-place-reckless-trust-in-third-party-software-suppliers-7000007425/
'•Less than one in five enterprises have asked for a code-level security test from a software vendor.' brrr ..
'•Veracode explored vulnerability categories by language family. For Java, code quality topped the list (86%) followed by crypto issues; crypto took the top spot for .NET (77%) with code quality in second place. Error handling affects the most C/C++ apps (87%) followed by buffer overflow (75%).'
- so Java 86%, .NET 77% ..
New view on third party software risk: Security report: Enterprises place reckless trust in third-party software suppliers : http://www.zdnet.com/security-report-enterprises-place-reckless-trust-in-third-party-software-suppliers-7000007425/
'•Less than one in five enterprises have asked for a code-level security test from a software vendor.' brrr ..
'•Veracode explored vulnerability categories by language family. For Java, code quality topped the list (86%) followed by crypto issues; crypto took the top spot for .NET (77%) with code quality in second place. Error handling affects the most C/C++ apps (87%) followed by buffer overflow (75%).'
- so Java 86%, .NET 77% ..
