News Source: sdtimes.com
DeepCode reveals the top security issues plaguing software developers

Courtesy: Jakub Lewkowicz | News Source: sdtimes.com

DeepCode has revealed its lists of the most important bugs and the top security vulnerabilities. The analysis comes from the company’s AI-powered code review tool, which analyzed hundreds of thousands of open-source projects to narrow down the vulnerabilities that occur most frequently.

According to the analysis, file I/O corruptions are the biggest general issue while missing input data sanitization is the top security vulnerability.

“The problems that come up with are pretty serious in file corruption, which can lead to data loss or unusable data being processed and an application crashing the cause of it,” Boris Paskalev told SD Times. “But even worse, it can actually end up using corrupted data without knowing and the application just keeps it working such as in sectors like aeronautics and driving cars, which could be detrimental or dangerous.”

Paskalev explained that many of these vulnerabilities occur because software has become drastically more complex due to the large number of libraries being used. In addition, more hackers are now trying to exploit these vulnerabilities. He added that the list of vulnerabilities is not exhaustive and that developers should look into the ones that apply to their type of application.

“The hard part is that not all developers are trained or have the time to actually spend to actually search for them and a lot of them are really tricky,” Boris Paskalev told SD Times. “Even during a normal code review uh, you can oftentimes miss some of them and the main reason is you might not necessarily be looking for this specific thing.”

According to DeepCode, the most important bugs include: 

File I/O corruptions

API contract violations

Null references

Process/threading deadlock problems

Incorrect type checking

Expression logic mistakes

Regular expression mistakes

Invalid time/date formatting

Resource leaks

Portability limitations

The most important security vulnerabilities include:

Missing input data sanitization

Insecure password handling

Protocol insecurities

Indefensive permissions

Man-in-the-Middle attacks

Weak cryptography algorithms

Lack of information hiding

“As developers enter a new year and decade, we want them to be aware of the most important coding problems for 2020 and beyond,” said Paskalev. “With DeepCode by their side, they’ll be able to make sure that these issues and countless others don’t affect their software.”
