Code Libraries and Application Frameworks: A CIO's Security Nightmare?
Published: May 07, 2012 09:50
With so much of the discussions about enterprise security centered around securing enterprise data, it’s surprising how rarely the CIO will be brought into discussions about how to safeguard code libraries and application frameworks. After all, these don't necessarily matter to the average employee who wants to come into work, boot up the PC, and get down to work. But as you know all too well, frameworks and libraries are a vastly important element of corporate security. If they fail, there's a worrisome chance that the safety of your corporate data could be put to the test. In other words, the risks are high. And it's about time more stakeholders realized it. In the following slides, we're going to examine a new study from security firm Aspect Security that delves into the importance of frameworks and libraries and clearly illustrates that in far too many cases, they're becoming an issue for security-conscious CIOs. For this report, Aspect Security, in partnership with Sonatype, analyzed more than 113 million downloads across more than 60,000 organizations. What they uncovered may surprise you.