[ISN] Most companies skimp on third-party code checks, study finds

From: InfoSec News <alerts_at_private>
Date: Wed, 11 May 2011 03:10:03 -0500 (CDT)
http://www.csoonline.com/article/681893/most-companies-skimp-on-third-party-code-checks-study-finds

By George V. Hulme
CSO 
May 10, 2011 

Those looking for good news when it comes to healthy software 
development hygiene are going to be soundly disappointed by today's 
news.

In a study conducted by Forrester Consulting, commissioned by software 
security firm Coverity, 336 people involved in software development in 
North America and Europe were surveyed on their current practices when 
it came to managing software quality, security and safety.

The takeaway: not everyone is brushing their teeth, nor eating their 
five figurative servings of fruits and vegetables every day.

According to the study, the Software Integrity Risk Report, while most 
companies outsource software code development from third parties, that 
code is not tested for quality, safety and security to the same degree 
as their in-house developed software.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Wed May 11 2011 - 01:10:03 PDT

This archive was generated by hypermail 2.2.0 : Wed May 11 2011 - 01:18:00 PDT