iTnews
  • Home
  • News
  • Technology
  • Software

Experts reveal top 25 programming errors

By Iain Thomson
Jan 14 2009 6:42AM
Follow google news

An industry panel of more than 30 US and international cyber security organisations has published a list of the top 25 programming security errors, and warned that the next generation of developers is still not being trained to deal with the problems.

Experts reveal top 25 programming errors
The warning came from experts at the Sans Institute, the US Department of Homeland Security's National Cybersecurity Division and the National Security Agency's Information Assurance division, as well as from private companies like Symantec and Microsoft.

"There appears to be broad agreement on the programming errors. Now it is time to fix them," said Sans Institute director Mason Brown.

"First we need to make sure that every programmer knows how to write code that is free of the top 25 errors, and then we need to make sure that every programming team has processes in place to find, fix or avoid these problems, and has the tools needed to verify that their code is as free of these errors as automated tools can verify."

Common errors include making software barriers much less porous, poor resource allocation and insecure interaction between software tools. Just two of the errors were responsible for an estimated 1.5 million web site security breaches last year.

"With the top 25 we can spend less time working with police after the house has been robbed and instead focus on getting locks on the doors before it happens," said Paul Kurtz, a principal author of the US National Strategy to Secure Cyberspace (PDF) and executive director of the Software Assurance Forum for Excellence in Code.

Add iTnews as your trusted source

Add iTnews As Your Trusted Source Add iTnews As Your Trusted Source
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
errorsnationalprogrammingsecuritysoftwaretop

Related Articles

  • Westpac is embedding AI across its core "flows" Westpac is embedding AI across its core "flows"
  • Microsoft limits employee use of Anthropic's Claude Fable 5 Microsoft limits employee use of Anthropic's Claude Fable 5
  • Aurora Energy to modernise its ERP system Aurora Energy to modernise its ERP system
  • Perth Airport to deploy 70 IT, OT systems for new terminal Perth Airport to deploy 70 IT, OT systems for new terminal
Join our WhatsApp Channel

Partner Content

Scalable AI solutions: secure delivery
Scalable AI solutions: secure delivery
You meet the security standard. Shame no one can see it
Promoted Content You meet the security standard. Shame no one can see it
Why resilient communications are becoming critical infrastructure for modern enterprise IT
Promoted Content Why resilient communications are becoming critical infrastructure for modern enterprise IT
The hidden economics of AI: Why token usage matters more than you think
Partner Content The hidden economics of AI: Why token usage matters more than you think

Sponsored Whitepapers

Are Australian organisations as cyber-ready as they think?
Are Australian organisations as cyber-ready as they think?
Are New Zealand organisations as cyber-ready as they think?
Are New Zealand organisations as cyber-ready as they think?
From visibility to execution: Fixing the SaaS management gap
From visibility to execution: Fixing the SaaS management gap
When cyber risk has no clear owner: A practical guide for senior Australian business leaders
When cyber risk has no clear owner: A practical guide for senior Australian business leaders
Agile in the AI Era: why projects still fail
Agile in the AI Era: why projects still fail

Events

  • iTnews State of Security Breakfast iTnews State of Security Breakfast
  • iTnews State of Data & AI Breakfast iTnews State of Data & AI Breakfast
  • Forrester's AI Forum Sydney Forrester's AI Forum Sydney
  • The 2026 iAwards The 2026 iAwards
  • Security Exhibition & Conference Security Exhibition & Conference
Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Services Australia describes fraud, debt-related machine learning use cases

Services Australia describes fraud, debt-related machine learning use cases
Perth Airport to deploy 70 IT, OT systems for new terminal

Perth Airport to deploy 70 IT, OT systems for new terminal
Microsoft limits employee use of Anthropic's Claude Fable 5

Microsoft limits employee use of Anthropic's Claude Fable 5
Westpac is embedding AI across its core "flows"

Westpac is embedding AI across its core "flows"
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.