The Channel logo

News

By | John Leyden 17th February 2016 17:02

Web apps? It's mobile apps biz bosses should worry about – HPE

It’s all about the old days, not the 0-days, folks

Mobile application security is beginning to eclipse that of web apps as a significant risk to enterprises, according to a new study by Hewlett Packard Enterprise.

Approximately 75 per cent of the mobile applications scanned exhibited at least one critical or high-severity security vulnerability, compared to 35 percent of non-mobile applications.

Vulnerabilities due to API abuse are much more common in mobile applications than web applications, while error handling – the anticipation, detection, and resolution of errors – is more often found in web applications, HPE reports. The tech giant’s figures come via software from its HPE Security Fortify on Demand service.

Mobile applications’ frequent use of personally identifiable information creates an additional security concern.

The latest edition of HPE’s cyber-risk report (PDF) observes more generally that software vulnerability exploitation continued to be a primary vector for attack last 2015, with mobile exploits gaining traction.

The top 10 vulnerabilities exploited in 2015 were more than one year old, with 68 per cent being three years old or more. Throughout last year, Microsoft Windows represented the most targeted operating system platform, with 42 per cent of the top 20 discovered exploits directed at Microsoft platforms and applications.

Nearly a third (29 per cent) of all successful exploits in 2015 continued to use a 2010 Stuxnet infection vector that has been patched twice. ®

comment icon Read 2 comments on this article or post a comment alert Send corrections

Opinion

Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella
Stranded_ships

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral

Features

Locker room jocks photo via Shutterstock
Best locker-room strategy: Avoid emulating AWS directly
STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock