CyberNews Briefs

79% of Third-Party Libraries in Apps Are Never Updated

According to a recent analysis conducted by Veracode, 79% of third-party libraries are never updated after being included in a codebase. Most libraries can be easily updated without disrupting application functionality, according to Veracode. For the analysis, the company examined the results of 13 million scans of 86,000 customer repositories containing more than 301,000 software libraries. Veracode also surveyed roughly 2,000 developers to understand the use of third-party software.

Since third-party libraries are constantly changing, Veracode’s findings present concerning news for developers. Veracode also found that when the third-party libraries are updated, the vulnerabilities that are detected are fixed within one hour and one week. Therefore, updating the libraries is critical to app security. Libraries largely go without updates because of a lack of contextual information about how an outdated software library might impact the application, says Veracode.

Read More: 79% of Third-Party Libraries in Apps Are Never Updated

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.