The primary reason is not that their web server software is out of date, however. Instead, it is largely the result of developers running vulnerable web applications on their computers even when they are protected by a firewall, therefore jeopardizing a corporation’s network and data.
While firewalls are essential for security and protecting sensitive data, they are not a one-fix solution for vulnerable web applications. Unfortunately, many assume that security measures like firewalls are enough to prevent “bad actors” from getting inside a developer’s web browser.
The survey of U.S.-based software developers, sampled from a broad cross-section of vertical markets, government entities and organization sizes, found:
– 81 percent of respondents run their software on a web server
– 89 percent claimed they keep their web server software up to date
– 52 percent say they run vulnerable/undeveloped web applications on their server
– 55 percent are running web apps in development on servers directly connected to the internet
– 32 percent admitted to hardening the web applications on their test environment
