Now that more organizations than ever are realizing how dependent they are on software there’s a lot more time and effort being put into discovering application vulnerabilities. But a report published this week by HackerOne, an online service for contracting hackers, notes 93 percent of the 2017 Forbes Global 2000 list still do not have a policy in place pertaining to how they receive, respond, and resolve critical bug reports submitted by third parties.
That suggests most of the work being done to discover application vulnerabilities is being done by either the team that developed the application or cybersecurity professionals that typically don’t have much in the way of application development expertise.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.