The trusting attitude of some companies towards web applications is leaving them exposed to threats with a large number failing to meet security standards.
The latest research into the state of software from Veracode has revealed that 84% of web applications used by public companies were deemed unacceptable when put up against industry standards.
Even non-web applications used in backend operational tasks were well below the standard with 63% not meeting security standards.
One of the growing threats the Veracode report also identified was the use of third-party suppliers and the lack of checks that were taking place of the application developments they introfuced into the system.
"Companies - particularly public ones - are beginning to be measured by regulators and investors on the strength of their cybersecurity solution and ability to protect intellectual property and customer data. This is a fundamental shift," said Chris Wysopal, founder, CISO and CTO, Veracode.
"Over the last year some of the most prominent breaches that were carried out against the most preeminent names in business took advantage of weaknesses in software applications to infiltrate traditional perimeter defence security controls. This should be a wake up call. Particularly in public company disclosures, the issue needs to be discussed in much more detail," he added.