A software application developer has claimed that more than half of all software on the market is vulnerable to the kind of attacks that affected Google earlier this year.
Speaking at the RSA Conference in San Francisco, Veracode claimed that as many as as 58% of the 1,600 software applications that it tested could be exposed by a hacking or security attack similar to the Chinese hacking attack that targeted Google services. The company also claimed that the same holes were exploited in attacks on the US Department of Defense.
Veracode analysed a range of application types, and assessed “billions of lines of code” to build a comprehensive security overview, concluding that a wide range of enterprise applications are susceptible to “large scale attacks”.
“Because of the depth and breadth of the data in our platform, we have expansive knowledge about risk from all types of applications and across the software supply chain,” said Matt Moynahan, chief executive at Veracode.
“The report analyses the state of security more comprehensively than any others in this market, and offers specific recommendations for each type of potential threat.”
The company also claimed that the security of open-source applications, where the source code of the software is made open to the public, allowing amateur developers and enthusiasts to create improvements and applications to work with that software is comparable to that found in many outsourced and commercial applications.