The growth of Android phones in the marketplace has triggered a huge upward curve in the creation and deployment of malware, with Android being responsible for 92% of all known mobile malware. This isn’t a statement against Android; it is proof of its dominance in the market, with over 67% market share.
At the Gartner Summit this week, three companies released comprehensive security reports. These are in addition to the Sonatype “Open Source Security Survey Report” and the WhiteHat “Website Security Statistics Report”. Between the five of these, we should be able to get a good assessment of the state of application security in today’s marketplace.
Over the next few weeks, I’ll be taking a deep dive into each of these reports as part of an ongoing series on surveys and research within the industry.
Palo Alto Networks: Application Usage and Threat Report
“The Application Usage and Threat Report is the first report of its kind to provide an analysis of enterprise application usage and the associated threat activity. The report summarizes real data collected from live worldwide traffic in:”
- 3,000+ organizations
- 1,395 applications
- 12.6 petabytes of bandwidth
- 5,307 unique threats
- 264 million threat logs
The Central Repository is a global repository that handled 8 billion download requests for open source Java components last year. That’s 15,000+ components per minute being downloaded! With such a massive amount of activity, I thought it would be interesting to request a weekly update from the Central team so that we can see:
- How many components were downloaded last week
- What were the most popular downloads
- What countries/cities made the most requests
- What industries are most active in downloads
- What were the Top 10 vulnerabilities discovered in the past week
I’ll publish the first weekly status update next week and each week after so that we can start tracking trends that will appear in the data. What else would you like to see in this weekly update? Leave your suggestions in a comment and I’ll see if I can get them included in the report.
Here’s a quick minute and a half video showing what the Central Repository is, if you haven’t heard of it.