The majority of applications in use by enterprise organisations are insecure, according to a research report from application security services supplier Veracode.
The company tested the security of over 1,500 applications and found internally developed applications to be the least secure, with 70% of those assessed failing to pass a standard security test.
Open source and commercially developed software were found to be roughly equal in their security, with around 60% of each failing the security test. However, the majority of applications in use in the enterprise were found to be of the less secure, internally developed kind.
“Extrapolating from the application sample set, more than half of the software deployed in enterprises today is potentially susceptible to an application layer attack similar to that used in the recent Heartland or Google security breaches,” the report said.