Study reveals a lag in software security at public sector organizations

According to Veracode's State of Software Security Public Sector 2023 report, 82% of public sector applications have security flaws.

The public sector still outperforms its private sector counterparts in some areas

Veracode, a leading provider of intelligent software security, today released a study which found that applications developed by public sector organizations tend to have more security flaws than applications created by the private sector. These findings matter because a higher number of application flaws and vulnerabilities correlates with a higher level of risk. This study is one of tens of thousands of federal government initiatives aimed at strengthening cybersecurity, including efforts to reduce vulnerabilities in the applications that perform critical government functions.

Research findings

Researchers found that approximately 82% of applications developed by public sector organizations had at least one security flaw detected in their most recent scan over the last 12 months, compared with 12% for private sector organizations. Depending on the type of flaw detected, public sector applications also had a higher probability of introducing a flaw over the last 12 months, at 74-12%.

"The gap between the number of flaws in public sector and private sector applications is significant. The government must continue to close this gap. As guardians of public safety, government organizations have a duty to close this gap and strengthen security to protect the country and its citizens," said Chris Eng, Director of Research at Veracode.

Analysis of data collected from more than twenty-seven million scans across 27 applications helped produce Veracode's most recent annual State of Software Security report. This new report details the public sector findings from those scans and applications, including federal, state and local findings.

Statistics alone do not show the consequences when attackers exploit software bugs and weaknesses. In early May of this year, a ransomware attack on the city of Dallas disrupted public operations, including the computer systems used by public safety agencies. More than three weeks after the attack, public organizations in Dallas had still not recovered.

High-severity flaws: a win for the public sector

The Veracode study also highlighted a reason for public sector organizations to be optimistic about application security. The prevalence of "high severity" flaws in public sector applications (16.5%) over the 12 months was lower than in non-government applications (19%). This matters because high-severity flaws, if exploited, can seriously compromise systems.

Modern application testing encourages the use of several different security analysis tools, such as Static Application Security Testing (SAST) and Software Composition Analysis (SCA), because different scan types are better at exposing different kinds of flaws. SAST and SCA found application flaws in a lower percentage of organizations in the public sector than in the private sector.

Finding fewer flaws when using SCA tools may reflect the impact of the May 2021 Executive Order (EO 14028), which directs US federal agencies to step up their efforts to secure the software supply chain. This EO also calls for greater use of software bills of materials (SBOMs), inventories of the components used in software, thereby encouraging sharing, transparency and visibility. Elsewhere, the Federal Risk and Authorization Management Program (FedRAMP) standardizes security assessment for cloud products and services. Similarly, StateRAMP allows state and local governments to verify that cloud service providers comply with cybersecurity policies.

An ounce of prevention is worth a pound of cure

A major difference between public sector and private sector applications is the rate at which scans uncover new flaws in older software. Once software has been in production for five years, the two sectors diverge sharply: the rate of new flaws introduced in the private sector rises, while the rate falls in public sector organizations.

This pattern suggests that public sector organizations pay closer attention to application security over time, and not just in the first few years of an application's useful life. Non-government applications, by contrast, show a slow and steady increase in the introduction of new flaws as they reach end of life.

The State of Software Security Public Sector 2023 report recommends four actions that organizations should take to improve their cybersecurity practices.

  • Remediate: Clear the backlog of known flaws
  • Scan regularly: Irregular scans make flaws much harder to fix, adding to the backlog
  • Automate: Automating testing through APIs reduces the introduction of flaws into applications
  • Add DAST to the stack: Use dynamic scanning to find flaws that other scan types missed

"The public sector has come a long way in strengthening the security of the applications that serve our government, but organizations still have a long way to go to fix their online applications and prevent future threats. By focusing on security at the root of most cyber breaches, the application layer, organizations can achieve the progress they need. Regular scanning with different types of tests and addressing security debt, the accumulated risk in software that threatens the security of the system, will pave the way to a secure future for public sector organizations," Eng concluded.

The full version of the public sector study from Veracode's State of Software Security report is available and provides benchmark metrics for public sector organizations.

About the State of Software Security report

Volume 13 of Veracode's annual State of Software Security report examines the historical trends that shape the software landscape and how security practices evolve along with those trends. This year's findings are based on all the historical data provided by Veracode services and customers, and represent a cross-section of large and small companies, commercial software vendors, software outsourcers and open-source projects. The report contains findings on applications submitted for static analysis, dynamic analysis, software composition analysis, and/or manual penetration testing through Veracode's cloud-based platform. The report looks at data provided by Veracode customers and at information calculated or derived during Veracode's analysis.

BlogInnovazione.it
