Tag: heartbleed bug

CAST Research Links Consumer Data Breaches Directly To Poor Code Quality

CAST-heartbleed-linked-to-poor-code-qualityYou’d think that after news of the Heartbleed bug broke, every IT organization worth their salt would have immediately moved to start monitoring their structural robustness and code quality to protect their sensitive consumer data. And while many did, two months after Heartbleed was announced, more than 300,000 servers were still vulnerable.

Now, three months later, CAST Research Labs has found there is a direct link between the growing number of data breaches and security incidents, and poor code quality in consumer applications. The data reveals finance and retail industry applications are the most vulnerable to data breaches, with 70 percent of retail and 69 percent of financial services applications shown to have data input validation violations.

Lev Lesokhin
Aug 27, 2014
Software Quality: The Problem with Ignoring the Open Source Quality
Securing open source - Lev Lesokhin spoke with CSO Online about how large IT organizations can secure their business critical applications from known vulnerabilities and shoddy software quality. Be sure to check...
Stephanie W.
Jul 2, 2014
ComTimeCastWarner: An Application Portfolio Management Nightmare

In a merger, integrating company names is hard enough -- imagine having to integrate massive application portfolios?

As the Justice Department and the FCC evaluate the proposed merger between corporate behemoths Time Warner Cable and Comcast, I wonder if the C-suite at both companies are investing as much time evaluating the health and security of one another’s application portfolio. Historically, technical due diligence has lagged greatly behind the financial due diligence.

Pete Pizzutillo
Jun 17, 2014
The Heartbleed bug: how 7 missing lines of code impacted over two thirds of the Internet

On April 7, the IT industry was rocked when it was announced that over 60 percent of the Internet -- even secure SSL connections -- were vulnerable to attack due to a new weakness codenamed Heartbleed. The weakness lives in the OpenSSL cryptographic software library, which encrypts sessions between consumer devices and websites. It’s usually referred to as the “heartbeat” since it pings messages back and forth. Hence the name of the bug.

Damien Choizit
Apr 14, 2014
The data reveals finance and retail industry applications are the most vulnerable to data breaches, with 70 percent of retail and 69 percent of financial services applications shown to have data input validation violations.

  • Software Quality: The Problem with Ignoring the Open Source Quality

    Jul 2, 2014, 14:53 PM by Stephanie W.
    Securing open source - Lev Lesokhin spoke with CSO Online about how large IT organizations can secure their business critical applications from known vulnerabilities and shoddy software quality. Be sure to check...

  • ComTimeCastWarner: An Application Portfolio Management Nightmare

    Jun 17, 2014, 11:30 AM by Pete Pizzutillo

    In a merger, integrating company names is hard enough -- imagine having to integrate massive application portfolios?

    As the Justice Department and the FCC evaluate the proposed merger between corporate behemoths Time Warner Cable and Comcast, I wonder if the C-suite at both companies are investing as much time evaluating the health and security of one another’s application portfolio. Historically, technical due diligence has lagged greatly behind the financial due diligence.

  • The Heartbleed bug: how 7 missing lines of code impacted over two thirds of the Internet

    Apr 14, 2014, 12:34 PM by Damien Choizit

    On April 7, the IT industry was rocked when it was announced that over 60 percent of the Internet -- even secure SSL connections -- were vulnerable to attack due to a new weakness codenamed Heartbleed. The weakness lives in the OpenSSL cryptographic software library, which encrypts sessions between consumer devices and websites. It’s usually referred to as the “heartbeat” since it pings messages back and forth. Hence the name of the bug.

    • -->

    Get a Demo    •    Contact Us    •     Support    •     The Software Intelligence Pulse    •     Privacy Policy    •     SiteMap    •     Glossary    •     Archive

    Copyright - CAST | All Rights Reserved