With data breaches through third-party applications lighting up news headlines left and right, scrutiny of the relationship between software vendors and their customers is at an all-time high. And it should be high because, as we noted in our State of Software Security Supplement Report, 90% of third-party code does not comply with enterprise security standards such as the OWASP Top 10.

As a result of the large and growing footprint of third-party software in the enterprise, regulatory bodies such as the OCC and industry organizations such as FS-ISAC, OWASP and the PCI Security Standards Council are now placing increased focus on controls required to mitigate the risks introduced by third-party software.

That's why the next question in our Future of Application Security series is:

What's the best way to work with vendors and suppliers on application security?


About Neil DuPaul

Neil manages the blog pipeline at Veracode, often by fending off eager contributors with a stick. He manages much of the Veracode web presence while also motivating the more introspective Veracoders to be social. Lover of sports and outdoors, and a SERP enthusiast, hit him up on Twitter here.
