Intelligent CISO Issue 34 | Page 61

intelligent SOFTWARE SECURITY | www.intelligentciso.com

Retail and hospitality outpaces other sectors in fixing software security vulnerabilities

Veracode, one of the largest global providers of application security testing (AST) solutions, released new findings that show the retail and hospitality sector fixes flaws in its software at a faster rate than five other sectors. The findings come from Veracode’s analysis of more than 130,000 applications.

The ability to find and fix potential security defects quickly is a necessity, particularly in an industry that requires rapid response to changing customer demands. Retail and hospitality also track a high volume of personal information about consumers through loyalty cards and membership accounts, tying into marketing data from third parties, which is enabled by more software. Web application attacks are the primary vector for breaches in retail, with personal or payment data exploited in about half of all breaches, according to the 2020 Verizon Data Breach Investigations Report.

The research found 76% of applications in the retail and hospitality sector have at least one flaw, which is about average when compared to economic sectors such as financial services, technology, healthcare and others. However, 26% of application flaws are high-severity issues – the second-largest proportion among all six sectors – that require urgent attention.

Veracode research shows that the retail and hospitality industry ranks second-best for overall fix rate: half of its flaws are remediated in just 125 days, nearly one month faster than the next-fastest sector. While this may seem lengthy, half of flaws across all industries remain unfixed for much longer and may never be fixed at all.

“Retail and hospitality companies face the dual pressure of being high-value targets for attackers while also requiring software that allows them to be highly responsive to customers and compliant with industry regulations such as PCI,” said Chris Eng, Chief Research Officer at Veracode. “Developers in the retail and hospitality sector appear to do a better job than others when dealing with issues related to information leakage and input validation. Using API-driven scanning and software composition analysis to scan for flaws in open source components offers the most opportunity for improvement for development teams in the retail sector.”