{"id":4971,"date":"2023-02-17T15:47:41","date_gmt":"2023-02-17T20:47:41","guid":{"rendered":"https:\/\/solutionsreview.com\/network-monitoring\/?p=4971"},"modified":"2023-02-17T15:51:18","modified_gmt":"2023-02-17T20:51:18","slug":"life-in-the-fast-lane-reducing-vulnerabilities-when-rushing-to-scale","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/network-monitoring\/life-in-the-fast-lane-reducing-vulnerabilities-when-rushing-to-scale\/","title":{"rendered":"Life in the Fast Lane: Reducing Vulnerabilities When Rushing to Scale"},"content":{"rendered":"

\"vulnerabilities\"<\/p>\n

Solutions Review\u2019s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Pieter Danhieux of Secure Code Warrior<\/a> speeds through reducing vulnerabilities and risk when rushing to scale.<\/strong><\/em><\/p>\n

\"Expert\u201cYou must move at the speed of business \u2026\u201d<\/p>\n

This oft-repeated mantra defines the modern workplace, with the relentless pressure to rapidly scale: Market demands seemingly shift by the day– or hour. If you fail to shift with them, you risk extinction. But how can organizations keep up with this accelerated pace?<\/p>\n

Indeed, it\u2019s all about making something available everywhere people want \u2013 now \u2013 and software development teams are feeling the heat. They\u2019re perpetually under the gun to perform a miracle, to continuously create new applications and solutions that will earn the most significant buzz. Additionally, emerging \u201clatest and greatest\u201d solutions are constantly being thrown at developers, which can easily cause distractions. When we asked global software developers about their top priorities, they told us they are dialed in on ensuring code quality, boosting application performance, and solving real-world problems. Security, however, fell behind these priorities.<\/p>\n

Unfortunately, that does not come as a surprise. We too often hear, \u201cWe need to get this out ASAP \u2026 We\u2019ll deal with the secondary stuff later.\u201d Subsequently, security takes a backseat, regardless of how these decisions may impact customers in the future. This scenario is repeating itself in an endless spiral, despite the urgent tone of a White House call for more fortified software to counter \u201cforeign governments and criminal syndicates (which) are regularly seeking ways to compromise our digital infrastructure.\u201d Until organizations take a step back and get everyone on the same page, executive guidance can only go so far.<\/p>\n

\t\t\t

\"Download<\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n

Vulnerabilities and Risks When Rushing to Scale<\/strong><\/h3>\n

Dig deeper into the troublesome cycle, and you\u2019ll find the following sources of increased risks:<\/p>\n

    \n
  1. Speed traps.<\/strong> As indicated, the rush to scale leads directly to the issues. Two-thirds of developers told us they know they\u2019re shipping code with vulnerabilities. When we asked why, they said their organization and\/or management team prioritize functionality over security (as cited by 37 percent) and that they simply do not have time to build security into code while still meeting tight deadlines (36 percent). One-third said they don\u2019t know how to identify or fix vulnerabilities, and one-quarter said they feel fixing insecure code is someone else\u2019s job.<\/li>\n
  2. Vulnerable libraries.<\/strong> Developer teams rely heavily on pre-existing code, but 45 percent are using libraries or frameworks with inherent flaws because they are not tested\/evaluated on an ongoing basis for vulnerabilities.<\/li>\n
  3. Chatty application programming interfaces (APIs). <\/strong>APIs are supposed to enable communication between software components, facilitating user requests and responding to them. But developers frequently over-permit APIs for functions, so they don\u2019t have to keep changing access rights with every program build. That\u2019s when APIs will talk too much, oversharing critical information that attackers will exploit. But swift scaling does not have to diminish the protection of code.<\/li>\n<\/ol>\n

    Here are three ways you can make sure it doesn\u2019t:<\/p>\n