{"id":49423,"date":"2022-11-22T13:40:06","date_gmt":"2022-11-22T13:40:06","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34059\/73-Percent-Of-Retail-Applications-Contain-Security-Flaws-But-Only-A-Quarter-Are-Fixed.html"},"modified":"2022-11-22T13:40:06","modified_gmt":"2022-11-22T13:40:06","slug":"73-percent-of-retail-applications-contain-security-flaws-but-only-a-quarter-are-fixed","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/73-percent-of-retail-applications-contain-security-flaws-but-only-a-quarter-are-fixed\/","title":{"rendered":"73 Percent Of Retail Applications Contain Security Flaws, But Only A Quarter Are Fixed"},"content":{"rendered":"
<\/div>\n

Low Fix Rate Highlights the Need for Software Security Vigilance from Retailers in the Lead-up to Black Friday<\/i><\/p>\n

BURLINGTON, Mass., November 22, 2022<\/b>–(BUSINESS WIRE<\/a>)–Veracode<\/a>, a leading global provider of modern application security testing solutions, today revealed that almost three-quarters of applications in the retail & hospitality sector contain security flaws, but only 25 percent of these are fixed. Furthermore, 17 percent of these flaws are categorized as \u2018high severity\u2019, meaning they pose a serious risk to the business if exploited. With 76 percent of Americans planning to shop the Black Friday sales on 25 November*\u2014and 56 percent planning to purchase entirely online**\u2014 retailers should take extra care to reinforce the security of their ecommerce systems, digital payment platforms, and supply chains.<\/p>\n

The data was published in Veracode\u2019s annual State of Software Security (SoSS) report v12<\/a>, which analyzed 20 million scans across half a million applications in the retail, manufacturing, healthcare, financial services, technology, and government sectors.<\/p>\n

Chris Eng, Chief Research Officer at Veracode, said, “Maintaining customer loyalty and trust is priority number one for retailers, and this will be heightened during the Black Friday period. With the average cost of a data breach in the retail sector calculated at $3.28 million***, implementing robust tools and practices to secure the applications customers use to browse and make purchases is imperative.”<\/p>\n

Despite the relatively low number of flaws that are fixed, the retail industry takes second place for overall remediation rate, highlighting the need for software security improvements from organizations across all sectors. Eng said, “Compared with other sectors, retailers are better at fixing flaws when they\u2019re discovered. While this is encouraging, it\u2019s clear more needs to be done across the board to integrate flaw identification and remediation into the software development pipeline so that vulnerabilities can be addressed more efficiently.”<\/p>\n