Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

State of Application Security Vol. 4

4,895 views

Published on

Arxan Technologies inforgraphic on the current state of application security.

Published in: Technology
  • Visit this site: tinyurl.com/sexinarea and find sex in your area for one night)) You can find me on this site too)
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Just got my check for $500, Sometimes people don't believe me when I tell them about how much you can make taking paid surveys online... So I took a video of myself actually getting paid $500 for paid surveys to finally set the record straight. I'm not going to leave this video up for long, so check it out now before I take it down! ◆◆◆ https://tinyurl.com/make2793amonth
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • And if you've ever taken a girl home, gotten hot and heavy and then felt embarrassment and PANIC when you take off your pants and see the look of DISAPPOINTMENT on her face, you need to go check this out right now. ▲▲▲ https://tinyurl.com/yaygh4xh
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Sex in your area for one night is there tinyurl.com/hotsexinarea Copy and paste link in your browser to visit a site)
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • let's be honest. There are a lot of crazy devices, pumps and p.ills that all claim to be the solution to adding BIG length to your penis. However, most, if not all of these solutions don't pan out, or the growth is only temporary. I guess you could always consider surgery, but if you are anything like me, the thought of having a sharp metal object anywhere near your junk makes you quiver with blood curdling fear :-) Well, it just so happens my friend John, who I met at a men's health conference a few years back, has literally stumbled upon the key to natural male growth. Unlike other systems out there, his involves two unique components: 1. Restarting biological growth that boys experienced during puberty, turning them into men. 2. Performing tested and targeted exercises to encourage blood flow and supersize growth. John has just released a completely ZERO COST enlargement exercises guide where you can discover the proven techniques to start REAL and PERMANENT growth. Download the enlargement exercises guide here ●●● https://tinyurl.com/ydaetwbk
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

State of Application Security Vol. 4

  1. 1. STATE OF APPLICATION SECURITY VOL. 4, 2015 STATE OF PIRACY 1.6M 1.96M ASSETS IS EXPECTED NUMBER OF PIRATED Pirated software found between Jan. 2012 and Mar. 2015 BREAKDOWN OF SOFTWARE PIRACY Between 2012 and 2014 the average Android Apps Key Generators Apple Software Windows Desktop Software Apple Apps number of pirated assets found per year 2012-2014 AVG./YR 2015* was 1.6M. In 2015, the total number of 41% 17% 13% 9% 5% KEY9,000 GENERATORS FOUND Software that generates product licensing keys to enable unauthorized access to software or digital media releases. What are they? APPLICATION RISKS ENABLING PIRACY DISTRIBUTION MODEL FOR REVERSE-ENGINEERING APPLICATION TAMPERING With readily available tools, hackers can quickly convert unprotected binary code back to source-code, repackage and distribute. VOLUME OF PIRATED RELEASES SPEED OF ILLEGAL DISTRIBUTION 100’s 100,000’s 0 sec 33 mins Scene FTP Top Sites Private Torrent Sites Public Sites Cyber- lockers Applications can be modified or injected with malware at run-time to steal keys, and alter execution in line with hacker objectives. 23.76% OF GLOBAL INTERNET BANDWIDTH IS CONSUMED BY TRAFFIC INFRINGING UPON COPYRIGHT. ECONOMIC IMPLICATIONS OF PIRACY 2 pirated assets is expected to hit 1.96M. (Source: iThreat Cyber Group & Arxan Technologies) TO INCREASE 22% PIRATED SOFTWARE IN 2014, THE UNMONETIZED VALUE OF PIRATED ASSETS REACHED $836,840,300,000$652 B $74 B $73 B $18 B $12 B $6 B Software Games Movies TV Music Adult Content UNADDRESSED APPLICATION VULNERABILITIES M1 Weak Server Side Controls M2 Insecure Data Storage M3 Insufficient Transport Layer M4 Unintended Data Leakage M5 Poor Authorization M7 Client Side Injection M9 Improper Session Handling M10 Lack of Binary Protections 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Jan-2015 June-2015 OWASP MOBILE TOP 10 97% OF MOBILE APPS LACK THE PROPER BINARY PROTECTIONS, LEAVING THEM VULNERABLE TO PIRACY. 50% OF ORGANIZATIONS HAVE ZERO BUDGET ALLOCATED TO PROTECTING MOBILE APPS. (M6 and M8 not included in analysis) A recent study analyzed over 96,000 Android apps to measure how well they addressed the OWASP Mobile Top 10 vulnerabilities. The graph below shows the percentage of apps that failed to address these vulnerabilities over time. RECOMMENDATIONS TO MITIGATE SOFTWARE PIRACY 35% 30% 25% 20% 15% 10% 5% Application Layer Data Layer Network Layer RETHINK YOUR SECURITY INVESTMENT APPROACH Consider how much money is spent on application security versus other areas. BUILD RUN-TIME PROTECTIONS INTO YOUR APPLICATIONS Implementing run-time protection will enable self-defense against tampering and malware attacks. Security Risk Spending A 2015 study from Ponemon Institute, sponsored by IBM Security, found that application security spending was not PROTECT YOUR CRYPTOGRAPHIC KEYS White box cryptography solutions can mask both static and dynamic keys. SECURITY RISKS VS. SPEND (Source: MetaIntelli, 2015 Research) Sources: 1. iThreat Cyber Group & Arxan Technologies 2. Study by NetNames/Envisional, sponsored by NBC Universal 3. Tru Optik, 2014 Research 4. MetaIntelli, 2015 Research 5. Ponemon Institute study, sponsored by IBM Security, Mar 2015 3 4 5 SECURITY INVESTMENTS NOT IN LINE WITH LEVEL OF RISK in line with the level of application risk. For additional details & full report, visit Arxan.com

×