Vulnerability Alerts Increase
Threat alerts grew 14 percent year-over-year, Cisco said. Buffer overflows were among the most frequent coding errors exploited by attackers. They were followed by input validation errors, resource management errors and elevation of permissions. Attackers also targeted flaws that provided information leakage, cross-site scripting flaws and code injection errors.
Technology vendors are finding an increasing number of new vulnerabilities, Cisco said. Secure development life-cycle and patching process improvements at independent software vendors could be leading to more software repairs.
More attention to secure software development can help build trust in vendor solutions. A secure development life cycle not only mitigates the risk of vulnerabilities and allows vendors to detect potential defects early in development, but also tells purchasers that they can rely on these solutions.