IronCore Finds Major Drop in App Security

BOULDER, Colorado – July 1, 2016 – IronCore Labs today released data showing a marked decrease in the overall security of applications. Applications in 2015 were generally easier to attack and compromise than they were in 2010.

Using data from the National Vulnerability Database, IronCore found that the number of severe vulnerabilities has increased, and at the same time the percent of severe vulnerabilities that are easy to exploit has climbed. The percentage of high severity vulnerabilities that are classified as low complexity (that is, easy to exploit) jumped from 60% in 2010 to 75% in 2015.

“There are a number of factors that contribute to this worsening of application security,” said Patrick Walsh, IronCore’s CEO. “Software developers are taught that security is not their problem and that operations teams can magically protect their app for them. Unfortunately, in practice this is not the case. Over 90% of security incidents are due to application vulnerabilities.”

There were over 56,000 new computers science bachelors degrees awarded in 2015 in the U.S., but 47 of the top 50 schools didn’t require any kind of computer security training for their graduates.

“Until we fix the developer knowledge gap, we’ll continue to see almost daily data breaches in the news,” said Bob Wall, IronCore’s CTO.

More Information

More information and statistics surrounding the state of application security can be found in the IronCore blog post, The Worsening State of Application Security.

About IronCore Labs, Inc.

Headquartered in Boulder, Colorado with offices in Bozeman, Montana, IronCore is a semi-stealth startup building the next generation of data security solutions for developers. You can follow them on twitter at @ironcorelabs.