Unqork’s CISO Marcos Christodonte II discusses the growing threat code poses to enterprises in his op-ed for Security Boulevard.
Unqork Chief Information Security Officer (CISO), Marcos Christodonte II, wrote for Security Boulevard to discuss how Code Itself is a Growing Security Threat—and how no-code is the only way to quell it.
“Developers … are under pressure to move quickly. As a result, the code that creates software often contains significant vulnerabilities on day one; these often go undetected or unresolved until after a major security incident,” he writes. “GitHub recently disclosed that 99% of the repository’s security incidents are the result of human errors.”
Marcos warns that fixing code-based vulnerabilities with new code will not fix the problem. Consider that companies are spending $500 billion every year writing code to build and maintain applications, and that this code becomes legacy almost immediately. Consider also that 91% of codebases studied for the Open Source Security and Risk Analysis (OSSRA) report had open source dependencies that had no development activity in the last two years.
The fix seems daunting, but it’s simpler than it seems. According to Marcos, “We have to stop generating new code.”
Enterprises need to reduce the complexity of their technology ecosystems, shrink their technology footprint to shrink their attack surface, and reduce the lines of code written in their environments that unknowingly create exposures. No-code application-building platforms like Unqork are an opportunity to greatly reduce the business risk that code exposes your enterprise to.
You can read the full piece on Security Boulevard’s website.