Let’s be clear: There is no such thing as an invulnerable application. Some have more critical vulnerabilities than others, as we discovered this week with the Heartbleed bug, but any application can be exploited given a dedicated attacker. According to the HP 2013 Cyber Risk Report, though, the application itself is not to blame for most vulnerabilities—you are.
HP compiled data from 2,200 applications scanned by HP Fortify on Demand and reports that 80 percent of the vulnerabilities discovered were not the fault of the application code itself.