White Papers for Federal Information Security Management Act (FISMA)

Software Assurance Protection: Bridging the Gap in Application Security for Open Source

Palamida

The investment global companies spend in developing and maintaining software applications is significant. Forrester Research predicts that in 2008, companies in North America and Europe will spend at least $181 billion in new software application development and development for upgrades and maintenance1. This investment in software applications indicates the growing importance and reliance on software applications and their value to a company’s overall capitalization. In the mid-80’s only 20% to 30% of an organization’s capitalization was comprised of intangible assets, including intellectual property found in software applications. Now, 70% to 80% of its capitalization is made up
of these intangible assets2.

Software applications help meet customer and competitive needs, but they also provide a primary avenue for attackers to evade traditional network barriers. These applications, particularly externally facing, web-based ones, represent a significant opportunity and risk to every organization. According to research by Gartner Group and Symantec, close to 90% of software attacks were aimed at the application layer3. Once application vulnerability has been exploited, a company is at risk not only for potential loss of vital customer or company data, but may even be open to additional attacks against other systems within the company’s network.

View the White Paper

Share or bookmarklet this web page at: