Public sector apps show higher rates of security flaws
2023-06-07 03:30

Applications developed by public sector organizations tend to have more security flaws than applications created by the private sector, according to Veracode.

"The difference between the rate at which flaws appear in public and private sector applications is significant. Efforts by the government to close the gap are necessary and should continue. As stewards of public safety, agencies have a responsibility to close this gap and strengthen security to protect the nation and its citizens," said Chris Eng, Chief Research Officer at Veracode.

Discovery of "High severity" flaws in public sector applications in a 12-month period was lower than in non-public sector applications.

SAST and SCA found application flaws in a smaller percentage of public sector agencies compared to private sector applications.

By the time software has been in production for five years, the two sectors diverge sharply: rates of new flaws introduced in private sector applications increase, while rates for public sector agencies decline.

"The public sector has come a long way in strengthening the security of applications that serve our government, but there is still more work to be done for agencies to improve their cyber posture and repel incoming threats. By focusing security efforts on the root cause of most cyber breaches - the application layer - agencies can achieve necessary improvements. Scanning regularly with a variety of testing types and addressing security debt - the accumulated software vulnerabilities that threaten a system's safety - will pave the way toward a more secure future for government agencies," Eng concluded.


News URL

https://www.helpnetsecurity.com/2023/06/07/public-sector-applications-flaws/