70% of finance apps vulnerable to input validation attacks
Help Net Security reports:
A growing number of data breaches and security incidents can be directly linked to poor code quality, according to CAST.
The data reveals finance and retail industry applications are the most vulnerable to data breaches, with 70 percent of retail and 69 percent of financial services applications shown to have data input validation violations. This is particularly concerning, considering the amount of personal and financial customer data often held in applications across these industries.[…]
CAST also found that – contrary to public perception – government IT had the highest percentage of applications without any input validation violations (61 percent), while independent software vendors came in dead last (12 percent without violations). Even more surprising, the data showed that the financial services industry has the highest number of input validation violations per application (224) even though their applications, on average, are only half as complex as the largest application scanned.
Read more on Help Net Security.