4. Managing dependencies and third-party components. As research by the application security company Snyk has shown, developers are not keen on maintaining the third-party components included in their software. 43% of developers never check their code for vulnerabilities, and only 11% do so quarterly, according to Snyk's State of Open Source Security report. Snyk also audited the code base of 433,000 sites and found that 77% of them used at least one front-end JavaScript library with a known vulnerability.
Snyk stresses the importance of regularly reviewing the code and the dependencies it pulls in. “The difference between a healthy company and an unhealthy company is the difference in how they detect known vulnerabilities in dependencies: if you embed ten libraries in your code, each of which pulls in ten more, it becomes very difficult to know which vulnerabilities are affecting the software,” said Snyk co-founder Danny Grander.
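The "ten libraries pulling in ten more" problem is easiest to see by walking the dependency graph recorded in a lockfile rather than looking only at the direct dependencies in package.json. The following is an added example, not code from the original post or from Snyk: it parses a constructed package-lock.json (lockfileVersion 3 layout, with a flat, deduplicated node_modules tree assumed), does a breadth-first walk from the root project, and reports every installed package that falls inside a known-vulnerable version range together with the path that pulled it in. The lockfile contents, package names and advisory identifiers (EXAMPLE-0001 and so on) are all made up for illustration; a real audit would take the advisory data from the npm audit database, OSV or a commercial scanner.

```python
"""Find known-vulnerable packages in an npm lockfile, including transitive ones.

Constructed example: the lockfile and the advisory list are invented for
illustration and are not real packages or real advisories.
"""
import json
from collections import deque

# Constructed package-lock.json (lockfileVersion 3 layout). The "" key is the
# root project; every other key is the install path under node_modules/.
LOCKFILE = json.loads("""
{
  "name": "shop-frontend",
  "lockfileVersion": 3,
  "packages": {
    "": {"dependencies": {"web-ui": "^2.0.0", "left-pad-ish": "1.3.0"}},
    "node_modules/web-ui": {"version": "2.1.4",
                            "dependencies": {"dom-util": "^0.9.0", "ajax-lite": "1.0.2"}},
    "node_modules/dom-util": {"version": "0.9.7", "dependencies": {"string-fmt": "~3.1.0"}},
    "node_modules/ajax-lite": {"version": "1.0.2"},
    "node_modules/string-fmt": {"version": "3.1.2"},
    "node_modules/left-pad-ish": {"version": "1.3.0"}
  }
}
""")

# Constructed advisories: (package, introduced, fixed, description).
# A package is affected when introduced <= installed version < fixed.
ADVISORIES = [
    ("string-fmt", "3.0.0", "3.1.5", "EXAMPLE-0001: prototype pollution"),
    ("ajax-lite", "0.0.0", "1.0.3", "EXAMPLE-0002: XSS via unescaped error text"),
    ("left-pad-ish", "1.0.0", "1.3.0", "EXAMPLE-0003: ReDoS, fixed in 1.3.0"),
    ("not-installed", "0.0.0", "1.0.0", "EXAMPLE-0004: package not in this tree"),
]


def parse_version(version):
    """Turn 'MAJOR.MINOR.PATCH' into a comparable tuple (pre-release tags dropped)."""
    return tuple(int(part) for part in version.split("-")[0].split(".")[:3])


def build_graph(lock):
    """Map package name -> (installed version, [dependency names]).

    Assumes a flat tree: nested node_modules/a/node_modules/b duplicates are
    not modelled, so one name maps to one installed version.
    """
    graph = {}
    for path, entry in lock["packages"].items():
        name = "" if path == "" else path.rsplit("node_modules/", 1)[1]
        graph[name] = (entry.get("version"), list(entry.get("dependencies", {})))
    return graph


def dependency_paths(graph, root=""):
    """Breadth-first walk from the root; returns name -> shortest path (list of names)."""
    paths = {root: []}
    queue = deque([root])
    while queue:
        current = queue.popleft()
        for dep in graph.get(current, (None, []))[1]:
            if dep not in paths:
                paths[dep] = paths[current] + [dep]
                queue.append(dep)
    return paths


def is_affected(version, introduced, fixed):
    """Half-open range check: the 'fixed' version itself is not affected."""
    return parse_version(introduced) <= parse_version(version) < parse_version(fixed)


def audit(lock, advisories):
    """Return one finding per installed package whose version matches an advisory."""
    graph = build_graph(lock)
    paths = dependency_paths(graph)
    findings = []
    for name, introduced, fixed, description in advisories:
        if name not in paths:          # advisory for something we do not install
            continue
        version = graph[name][0]
        if is_affected(version, introduced, fixed):
            path = paths[name]
            findings.append({
                "package": name,
                "version": version,
                "advisory": description,
                "fixed_in": fixed,
                "direct": len(path) == 1,   # listed in the root's own dependencies?
                "path": " > ".join(["(root)"] + path),
            })
    return findings


if __name__ == "__main__":
    for finding in audit(LOCKFILE, ADVISORIES):
        kind = "direct" if finding["direct"] else "transitive"
        print(f"{finding['package']}@{finding['version']} ({kind}): "
              f"{finding['advisory']}, fixed in {finding['fixed_in']}\n"
              f"    via {finding['path']}")
```

Both findings in the sample tree are transitive: neither string-fmt nor ajax-lite appears in the root's own dependency list, which is exactly the kind of exposure a review limited to package.json misses. The left-pad-ish entry shows the boundary case that trips up hand-rolled checks: the installed version equals the fixed version, so it must not be reported.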
5. Update existing applications with known vulnerabilities. Some applications, especially popular ones, are constantly monitored by third-party security companies, which increases the chances that critical holes in them are found and fixed. At the same time, such software can be so important to the business that companies put up with the risk of new, as yet unknown, flaws being discovered, even while known holes remain unpatched. Internet Explorer 6 is an example: many flaws in the browser's defenses have been found over the past ten years, yet companies still relied on it to run core business applications.
Like other security experts