February 17, 2010

Top 25 programming errors uncovered

Buyers urged to hold suppliers more accountable for buggy software

By Vinod

A list of the 25 most common programming errors that undermine firms’ security has been released by a band of 30 global security experts.

The aim of the list is to highlight the need for security to be embedded earlier into the software development lifecycle.

Cross-site scripting – the failure to secure web page structure – was identified as the biggest threat by the US-funded group of government agencies and suppliers, which includes McAfee and the National Security Agency. It was followed by familiar faces: the programming errors that allow SQL injection attacks and those that cause buffer overflows. The whole project was orchestrated by research and development organisation Mitre and the SANS Institute.

One use of the list could be to create standard contract language between software developers and their buyers, ensuring that buyers would not be held liable for any software containing shoddy code. Ultimately this would make suppliers more accountable for any problems with the software.
