Security

Security Firm Confirms FOSS Devs Fix Bugs Faster

Submitted by sgtrock
sgtrock (191182) writes "This story was reported in several places yesterday. From Dark Reading:

Around 58 percent of the applications tested by application security testing service provider Veracode in the past year-and-a-half failed to achieve a successful rating in their first round of testing. "The degree of failure to meet acceptable standards on first submission is astounding — and this is coming from folks who care enough to submit their software to our [application security testing] services," says Roger Oberg, senior vice president of marketing for Veracode. "The implication here is that more than half of all applications are susceptible to the kinds of vulnerabilities we saw at Heartland, Google, DoD, and others — these were all application-layer attacks."

...

"The conventional wisdom is that open source is risky. But open source was no worse than commercial software upon first submission. That's encouraging," Oberg says. And it was the quickest to remediate any flaws: "It took about 30 days to remediate open-source software, and much longer for commercial and internal projects," he says.

"
