Shulou(Shulou.com)11/24 Report--

CTOnews.com, April 26, according to the results of the latest questionnaire, 86% of software developers and AppSec managers are aware of vulnerabilities in their code. Eighty-eight per cent of AppSec managers surveyed said they had been exploited due to code vulnerabilities in the past year.

Market research firm Checkmarx surveyed more than 1500 chief information security officers (CISO), AppSec managers and software developers and found that 60 per cent of vulnerabilities could be detected during the code construction or testing phase.

Citing the report, CTOnews.com found that 34% of respondents said AppSec scans were fully integrated and automated into their software configuration management (SCM) systems, integrated development environment (IDE), and continuous integration (CI) / continuous delivery (CD) tools.

According to the interviewed CISO, the highest risk in the code is the use and exposure of API, accounting for 37 per cent, followed by the open source software supply chain (malicious code) (37 per cent), application containerization (37 per cent), open source software (36 per cent) and infrastructure namely code risk (36 per cent).

According to AppSec managers who have experienced attacks, the top three reasons include open source software supply chain attacks (41 per cent), stolen credentials, confidential or weak authentication / authorization (40 per cent), and known and / or unknown vulnerabilities in code released to production (39 per cent).

The link to the full report is as follows: It's Here: The Global Pulse on Application Security Report

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.