Forgot your password?
typodupeerror
Government

+ - Study Confirms The Government Produces The Buggiest Software->

Submitted by Sparrowvsrevolution
Sparrowvsrevolution (1926150) writes "Humans aren't very good at writing secure code. But they're worst at it when they're paid to do it for the U.S. government, according to a study that will be presented at the Black Hat Europe security conference in Amsterdam later this week. Chris Wysopal, chief technology officer of bug-hunting firm Veracode plans to give a talk breaking down a vulnerability analysis of 9,910 software applications over the second half of 2010 and 2011.

Government-built applications came out far worse than those created by the commercial software industry or the finance industry. Only 16% of government web applications were secure by OWASP standards, compared with 24% of finance industry software and 28% of commercial software. By SANS standards, only 18% of government apps passed, compared with 28% of finance industry apps and 34% of commercial software.

Wysopal and others blame the difference on a lack of accountability of federal contract developers, who aren't held to security standards and are even paid extra to fix their bugs after creating them."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Study Confirms The Government Produces The Buggiest Software

Comments Filter:

To thine own self be true. (If not that, at least make some money.)

Working...