NHS trusts fail to regularly scan for app vulnerabilities

A freedom of information (FoI) request revealed the insecure practices of many NHS trusts when it comes to protecting networks and systems from cyber attacks. Nearly 45% of those that responded to the request (27 out of 36) admitted that they scan for app vulnerabilities only once a year.

OWASP policy compliance failed

This finding reflects what Veracode uncovered in its recent State of Software Security 2016 report: the healthcare industry has the lowest vulnerability fix rate, with 67% of healthcare applications failing OWASP policy compliance. (The Open Web Application Security Project focuses on improving the security of software by providing impartial and practical information about web apps to third parties to help them make informed decisions.)

How often should web applications be scanned?

There is no common rule but, generally speaking, web applications should be scanned every quarter or any time new security patches are applied, as well as any time new web applications are added to the infrastructure.

The cost of a penetration test is much lower than that of a data breach

Many healthcare organisations argue that they don’t have the budget or resources to regularly scan
