Login | Register   
RSS Feed
Download our iPhone app
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


Report: Average Application Has 24 Vulnerabilities Due to Flawed Components

Developers aren't very good about fixing application bugs inherited from open source code.




Application Security Testing: An Integral Part of DevOps

Software supply chain management vendor Sonatype has conducted a review of 1,500 applications that were built using open source components and found that on average, each application inherited 24 severe or critical security vulnerabilities from those components. Making matters worse, when those bugs were fixed in the open source code, developers updated their applications with the fixes only 41 percent of the time with a mean time-to-repair of 390 days.

Sonatype manages one of the largest public repositories of open source Java components. It says that 100,000 organizations used the Central Repository last year and that it served 17.2 billion download requests for 217,000 different components.

View article

Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date