Managing Application Vulnerabilities (an early peek into improved controls for your code and data)
Published on October 4, 2016 by Michelle Pruitt
I’m working on an application risk management study/survey focusing on the importance of one vulnerability exploit in particular: debugger hacks against production apps. Our initial data set already includes responses from 100+ developers targeting cloud, mobile and desktop platforms from 15+ countries.
A Clear Material Application Risk for a Majority of Development Teams
58% report ongoing, sustained risk management development investments dedicated to mitigate the following material risks:
- Financial theft
- Intellectual property theft through application use
- Intellectual property theft through application tampering and reverse engineering
- Operational disruption
- Regulatory and other compliance obligations
- Unauthorized access to user and business data
Within the development teams that have taken affirmative action to mitigate these risks, 64% have identified unauthorized use of a debugger in production as a material vulnerability.
If you’re interested in getting the final numbers (and a deeper dive into both the risks and controls to effectively mitigate these risks), I expect to be publishing results in the next 1-2 weeks HERE (there’s already a link to a related white paper on this page for download too).