Like other security experts
Posted: Sun Feb 09, 2025 3:56 am
4. Managing dependencies and third-party components. As research by application security company Snyk has shown, developers are not eager to support the components included in their software. As it turned out, 43% of developers never check their code for vulnerabilities. Only 11% of developers do this work quarterly, according to the State of Open-Source Security report. Snyk audited the code base of 433 thousand sites and found that 77% of them had at least one vulnerability in a front-end JavaScript library.
Snyk stresses the importance of regular code reviews. “The difference between a healthy company and an unhealthy company is the difference in how they detect known vulnerabilities in dependencies: if you embed ten libraries in your code, each of which will pull in ten more, it becomes very difficult to know which vulnerabilities are affecting the software,” said Snyk co-founder Danny Grander.
5. Update existing applications with known vulnerabilities. Some applications, especially popular ones, are constantly monitored by third-party information security companies, which increases the chances of eliminating critical security holes in them. But at the same time, the importance of such software for business - even taking into account the unpatched holes - is so significant that companies have to put up with the risk of discovering new, as yet unknown holes. An example of such software is Internet Explorer 6 - many flaws have been found in the browser's defenses over the past ten years, but companies still relied on it to work with basic business applications.
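The point in item 4 about libraries pulling in further libraries can be made concrete with a small dependency-path check. This is an added example, not code from the original post or from Snyk: the package names, versions and advisory ID are constructed, and exact-version matching stands in for the semver range checks a real scanner performs.

```javascript
// Constructed sample: a resolved dependency tree (name -> version + dependency names).
const resolved = {
  "app":         { version: "1.0.0", deps: ["ui-kit", "http-client"] },
  "ui-kit":      { version: "2.3.0", deps: ["dom-utils", "tmpl"] },
  "http-client": { version: "0.9.1", deps: ["url-parse-x"] },
  "dom-utils":   { version: "1.1.0", deps: ["tmpl"] },
  "tmpl":        { version: "0.4.2", deps: [] },
  "url-parse-x": { version: "1.0.0", deps: [] },
};
// Constructed advisory feed entry (placeholder ID, not a real advisory).
const advisories = [{ id: "EXAMPLE-0001", name: "tmpl", vulnerable: ["0.4.1", "0.4.2"] }];

// Walk every path from the root and record each one that ends in a flagged package,
// together with the direct dependency responsible for pulling it in.
function findVulnerablePaths(graph, root, advisoryList) {
  const hits = [];
  const walk = (name, path) => {
    const node = graph[name];
    if (!node || path.includes(name)) return; // unknown package or dependency cycle
    const here = [...path, name];
    for (const adv of advisoryList) {
      if (adv.name === name && adv.vulnerable.includes(node.version)) {
        hits.push({
          advisory: adv.id,
          pkg: `${name}@${node.version}`,
          direct: here[1] || name, // first hop below the root
          path: here.join(" > "),
        });
      }
    }
    node.deps.forEach((dep) => walk(dep, here));
  };
  walk(root, []);
  return hits;
}

// Group the affected paths by the direct dependency a developer actually controls.
function summarize(graph, root, advisoryList) {
  const hits = findVulnerablePaths(graph, root, advisoryList);
  const byDirect = {};
  for (const h of hits) {
    byDirect[h.direct] = byDirect[h.direct] || [];
    byDirect[h.direct].push(h.path);
  }
  return { total: hits.length, byDirect };
}

console.log(JSON.stringify(summarize(resolved, "app", advisories), null, 2));
```

The application never lists `tmpl` itself, yet it reaches the flagged version twice through `ui-kit`, which is the dependency to upgrade or replace.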