The Channel logo


By | John Leyden 17th February 2016 17:02

Web apps? It's mobile apps biz bosses should worry about – HPE

It’s all about the old days, not the 0-days, folks

Mobile application security is beginning to eclipse that of web apps as a significant risk to enterprises, according to a new study by Hewlett Packard Enterprise.

Approximately 75 per cent of the mobile applications scanned exhibited at least one critical or high-severity security vulnerability, compared to 35 percent of non-mobile applications.

Vulnerabilities due to API abuse are much more common in mobile applications than web applications, while error handling – the anticipation, detection, and resolution of errors – is more often found in web applications, HPE reports. The tech giant’s figures come via software from its HPE Security Fortify on Demand service.

Mobile applications’ frequent use of personally identifiable information creates an additional security concern.

The latest edition of HPE’s cyber-risk report (PDF) observes more generally that software vulnerability exploitation continued to be a primary vector for attack last 2015, with mobile exploits gaining traction.

The top 10 vulnerabilities exploited in 2015 were more than one year old, with 68 per cent being three years old or more. Throughout last year, Microsoft Windows represented the most targeted operating system platform, with 42 per cent of the top 20 discovered exploits directed at Microsoft platforms and applications.

Nearly a third (29 per cent) of all successful exploits in 2015 continued to use a 2010 Stuxnet infection vector that has been patched twice. ®

comment icon Read 2 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe