HackEDU Report Shows Developers Have Repeated Same Vulnerabilities At Top of OWASP Top 10 for 14 Years

Analysis Of Tens Of Thousands Of Developers Shows Lack Of Training Hampers Secure Coding Efforts

News provided by

HackEDU

Mar 29, 2021, 07:08 ET

SANTA MONICA, Calif., March 29, 2021 /PRNewswire/ -- HackEDU has released the 2021 Vulnerabilities Benchmark Report. The report, based on anonymous data from tens of thousands of software developers from hundreds of companies on HackEDU's secure coding training platform, provides insights on the state of application vulnerabilities across a broad range of industries.

Continue Reading

The 2021 Vulnerabilities Benchmark Report highlights the concern in the security community about the secure coding knowledge levels among developers. "It defies logic, but injection vulnerabilities have been number 1 or number 2 on the OWASP Top 10 for 14 years. When we dug into the data, we realized that it's not a coincidence that these are also the same vulnerabilities that are most often fixed incorrectly by developers," said Jared Ablon, CEO of HackEDU.  "Software and web applications are the top attack vectors for breaches, and one of the concerns we hear CISOs voicing is the fact that less than half of developers have been trained in secure coding practices. This leaves a major gap that needs to be addressed as part of their efforts to shift left."

The 2021 Vulnerabilities Benchmark report states that the biggest concern in application security among security leaders is the use of open source or third-party software. "Third party software providers may be slow to release patches, and even when they're released, they may not get applied right away. In many cases, the patch never gets applied because there's a fear of breaking dependencies. The root cause of the problem is poor secure coding knowledge, and this can be mitigated with proper training."

The report also offers a guide for how to use the contents of the report to secure the software development lifecycle.

To learn more, download a free copy of the 2021 Vulnerabilities Benchmark Report.  

About HackEDU
HackEDU provides interactive secure coding training that can be accessed anytime, anywhere. Our offensive + defensive lessons, science-based approach, and DevSecOps toolchain integrations help to motivate developers, keep them engaged, and learn and retain secure coding principles effectively. Learn more at www.hackedu.com

MEDIA CONTACT
Brandon Hoe
HackEDU, Inc.
(804) 742-2533
[email protected]

SOURCE HackEDU

Related Links

https://www.hackedu.com

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

icon3
440k+
Newsrooms &
Influencers
icon1
9k+
Digital Media
Outlets
icon2
270k+
Journalists
Opted In
GET STARTED