Synopsys, Inc. (Nasdaq: SNPS) today announced the results of a survey of 270 IT security professionals, which found that almost half (48 percent) viewed customer-facing web applications as the area presenting the most security risk to businesses. This is in contrast to 23 percent who identified mobile applications and 18 percent who suggested desktop applications presented the biggest risk. To view the full survey results, visit https://www.synopsys.com/blogs/software-security/cyber-security-threat-survey.
Andreas Kuehlmann, senior vice president and general manager at Synopsys, does not find this surprising, saying: “The level of customer information necessary to make web applications possible means these applications can be particularly vulnerable to attacks, so adding security into the software development lifecycle and supply chain is a critical requirement for businesses. The findings of the survey demonstrate that companies need to not only focus on building user-friendly web applications, but also ensure the most powerful tools and services are being used to detect and eliminate vulnerabilities in these applications.”
The most common security attacks on customer-facing web applications, from sales portals to instant messaging services, include SQL Injections, Cross-site Scripting (XSS), Remote Command Execution, and Path Traversal, which can all cause serious damages to businesses and users alike. Other main findings of the survey include:
- 54 percent of those surveyed said that “protecting customer data” within these applications represents the top security concern
- Aside from the technical challenges in securing customer-facing web applications, 41 percent of those surveyed felt that a lack of skilled security personnel or training was the biggest challenge, reflective of the cybersecurity skills gap across the globe
- 84 percent of respondents indicated that they have a strategy in place in the event of a security incident. Only 12 percent said they didn’t and 4 percent suggested they didn’t know, which is particularly reassuring as the increased frequency and severity of cyberattacks is expected to continue to rise.
Conducted 6-8 June in London at Infosecurity Europe 2017, Europe’s largest security-focused conference, the in-person survey is based on responses from attendees including IT professionals, managers, and executives.
About the Synopsys Software Integrity Platform
Synopsys offers the most comprehensive solution for building integrity—security and quality—into the software development lifecycle and supply chain. The Software Integrity Platform unites leading testing technologies, automated analysis and experts to create a robust portfolio of products and services. This portfolio enables companies to develop customized programs for detecting and remediating defects and vulnerabilities early in the development process, minimizing risk and maximizing productivity. Synopsys, a recognized leader in application security testing, is uniquely positioned to adapt and apply best practices to new technologies and trends such as IoT, DevOps, CI/CD, and the Cloud. For more information, go to www.synopsys.com/software.
Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software security and quality solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest security and quality, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.