What is a Worm?

Along with “computer virus,” the term “computer worm” has become a highly familiar phrase thanks to the rapid rise and media coverage of cyber threats in recent years.

But what is a worm and what danger does it pose to your system or your organization? Here’s a brief primer on “What is a worm?” and what you can do to prevent them.

Worm Definition

So, what is a worm exactly? A worm is among the most common types of malware – a bit of computer code that is designed to cause harm to a host network by overloading servers or consuming bandwidth. Some computer worms may also include “payloads” that can damage systems, steal data or delete files.

What is a worm’s method of propagating?

While computer viruses are spread when users run a program or open a file, computer worms have the ability to spread automatically without human intervention. Worms can self-replicate, creating multiple copies of themselves to spread to other computers.

What is a worm’s greatest threat to a system?

A worm may be used to create a backdoor that allows the host system to be controlled by other computers and used to spread spam or perform denial-of-service attacks.

What is a worm security test?

In addition to anti-virus protection, security testing is critical to preventing worms. Application security tests can identify vulnerabilities like cross-site scripting or buffer overflow that may allow attackers to access a system and initiate a worm.

What is a worm prevention solution?

As a leading provider of application security testing services, Veracode provides SaaS-based, on-demand technology that can test applications for a wide variety of flaws and vulnerabilities. Our suite of comprehensive testing services can be easily integrated into waterfall software development, agile development and other methodologies, allowing developers to find and fix flaws at any point in the process.

Our services include:

  • Veracode Static Analysis IDE Scan, a solution that runs in the background of an integrated development environment to identify flaws as code is being written and to provide immediate remediation advice to developers.
  • Veracode Static Analysis, a service that scans binaries to identify vulnerabilities in code that is built, bought or assembled.
  • Veracode Software Composition Analysis, a service for identifying vulnerabilities in commercial and open source code.
  • Veracode Web Application Scanning, a service that discovers and helps to secure web applications with lightweight and authenticated scans.

Learn more about “What is a worm?”, or visit Veracode’s AppSec knowledgebase to get answers to questions like “What is SQL injection?” and “What is an integrated development environment?”
