Connect with us

Tech

Security Debt in EMEA Escalates Amid Rising Cyber Threat: Veracode Report Reveals Urgent Need for AI-Powered Remediation and Application Security Posture Management

– Two Thirds of EMEA Organizations Grapple with Security Debt and Nearly Half Have
Debt Considered “Critical”

– 80% of Third-party Code Has Critical Security Debt—Significantly Higher Than the
Global Averag

Veracode , a global leader in application risk management,
today unveiled the EMEA snapshot of its annual State of Software Security (SoSS) 2024 report,
revealing worrying levels of security debt in organizations across Europe, the Middle East and
Africa.
Veracode’s research found 68 percent of EMEA organizations harbor some level of security
debt, while 46 percent have high-severity persistent flaws in code, classified as ‘critical’ security
debt. These high-severity flaws represent the greatest risk to applications and are a ticking time
bomb with the potential for catastrophic breaches.
In a world where every interaction with an application can be a potential entry point for cyber
attackers, understanding and managing security debt is more crucial than ever. Security debt,
defined for this report as software flaws that remain unfixed for longer than a year, can build up
when developers lack time or resources to address potentially dangerous flaws. Over time, these
flaws accumulate, making organizations increasingly vulnerable to attackers.
Chris Eng, Chief Research Officer at Veracode, said, “The findings of this year’s EMEA SoSS
report are a wake-up call for organizations in the region. Businesses should have a laser focus on
remediating critical security debt first, given these flaws present the highest risk.”
Developers tasked with triaging and fixing flaws manually often fall short in tackling growing
security debt, with slow remediation timelines and prioritization to blame. Analysis of
remediation timelines in EMEA found it takes organizations using manual methods an average
of 19 months to remediate flaws in third-party code, compared to nine months for first-party
code. With such a vast number of flaws to address, organizations must prioritize which
vulnerabilities to fix first, especially critical flaws.
When it comes to sources of security debt, the report found 84 percent of security debt overall
comes from first-party code developed in-house. Meanwhile, 80 percent of critical security debt
stems from third-party code, which often flies under the radar but can be just as dangerous for
EMEA organizations. Crucially, the critical security debt statistic is considerably higher than the
global rate of 65 percent.
Leveraging AI for Vulnerability Remediation

While AI code generators are increasingly used by developers to create software because of the
speed and efficiency they bring, they don’t always produce secure code. Indeed, recent research
found 36 percent of code generated by the AI-powered GitHub CoPilot tool contained security
flaws.
AI can also be used to burn down security debt, supporting developers and security teams by
dramatically reducing the time to fix vulnerabilities. Eng said, “AI-powered remediation tools
can save teams a significant amount of time by automating fix recommendations and tackling
flaws at scale. For example, our AI-powered remediation solution, Veracode Fix, has slashed fix
times for common vulnerabilities from days to minutes, significantly enhancing developer
productivity.”
Mitigating Security Debt in a Complex Environment
With three fifths (60 percent) of all flaws in EMEA organizations considered neither security
debt nor critical severity, it becomes easier and more manageable for developers to focus on
fixing the four percent that constitutes the highest risk. Once addressed, organizations can then
go on to tackle non-critical security debt or more recent critical flaws, based on their risk
tolerance and capabilities.
For those seeking prioritization guidance on security debt, Application Security Posture
Management (ASPM) tools can continuously track risk through the collection, analysis and
prioritization of security issues across the software development cycle.
ASPM tools have become more popular as they offer a comprehensive, unified view of risk
across application stacks, and facilitate the remediation of issues. Longbow, powered by
Veracode, delivers ASPM to get to the root cause of the issue through contextual analysis and
suggests the best next actions to reduce the most risk with the least amount of effort.
Eng closed, “The prevalence of security debt among EMEA organizations highlights the need for
immediate action to protect businesses against future breaches. Security leaders and developers
should focus on patching the most critical flaws that introduce the most risk given their context.
AI-powered security solutions that scale remediation efforts will enable teams to tackle their
growing security debt more efficiently and reduce the amount of time vulnerabilities can be
exploited.”

 

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

Vertiv Introduces Fully Populated, High-Density Lithium Battery Cabinets for Fast, Cost-Efficient Installation in HPC Data Centers

Meeting the urgent need for solutions supporting high-density
computing in increasingly crowded data center facilities, Vertiv a global provider of
critical digital infrastructure and continuity solutions, today introduced Vertiv™ EnergyCore battery
cabinets. Factory assembled with LFP (Lithium-Iron-Phosphate) battery modules and Vertiv’s
internally-powered battery management system, Vertiv EnergyCore cabinets are available globally
and are qualified for use with most current and legacy three-phase Vertiv™ uninterruptible power
supply (UPS) systems, including the recently launched Vertiv™ Trinergy™.

Vertiv EnergyCore cabinets are optimized for five minutes end-of-life runtime at 263kWb per each
compact, 24” wide (600mm) cabinet, and operate across a wide temperature range, making them
suitable for high-density environments. Lithium batteries are more compact and lighter than VRLA
alternatives, allowing users to deploy fewer battery cabinets in most applications. An internal two-
hole lug eliminates the need for a conduit box, and the cabinets require no on-site external control
wiring, reducing deployment time and cost compared to traditional on-site assembly. The cabinets
are equipped with Vertiv’s intuitive interactive touch screen HMI display to provide visibility and
control of the cabinet, operating system, and the installed batteries.

The integrated battery management system is powered by the Vertiv EnergyCore batteries,
removing the requirement for an external power source and simplifying installation. It provides
lifetime onboard data storage, tracking performance over battery charge-discharge cycles, service
events, and enabling accurate state-of-health reports that can be used for warranty support and
predictive analytics. Remote battery monitoring is available via Vertiv™ Alber™ Battery Xplorer
Enterprise.

“The proliferation of artificial intelligence and other high-performance computing applications is
putting a premium on the ability to deliver more power in smaller, hotter spaces,” said Milind
Paranjape, vice president of energy storage at Vertiv. “With our Vertiv EnergyCore battery cabinets,

we are delivering exactly what our customers and our industry need – compact, high-density energy
storage capable of operating safely and optimally. Simply put, these battery cabinets are designed
for the emerging mission-critical needs of high-density computing environments.”

The modular design of Vertiv™ Trinergy™ allows each UPS core to be paired with dedicated
Vertiv™ EnergyCore battery cabinets in a distributed architecture, enabling uninterrupted service for
critical applications. Due to the density of the Vertiv EnergyCore design, only two lithium-ion battery
cabinets are needed to support each 500kW Trinergy™ UPS core, versus the three cabinets that are
required by most suppliers.

Vertiv EnergyCore is UL 1973 listed and has been successfully tested for compliance to UL 9540A
standard for protection against thermal runaway fire propagation in battery energy storage systems,
which, according to NFPA 855 ESS installation standards, means the three feet (92cm) spacing
requirements between racks can be waived by the Authorities Having Jurisdiction. This can save
space and speed deployment.

Continue Reading

Tech

M42’s Environmental Sciences team wins Biotechnology – Environmental Services Award at Middle East Technology Excellence Awards 2024

M42’s Environmental Sciences team has won the prestigious Biotechnology – Environmental Services Award at the Middle East Technology Excellence Awards 2024 for its groundbreaking initiative, Pioneering Marine Conservation: Advanced Genomic Sequencing and AI for Sustainable Biodiversity Management.
The award was a collaborative achievement, as M42 worked closely with its partners, the Environment
Agency – Abu Dhabi (EAD) and Bayanat, a UAE-based company specializing in geospatial data analytics
and AI solutions. This partnership demonstrates how cross-disciplinary collaboration can tackle complex
environmental challenges, bringing together expertise in genomics, environmental science and data
analysis.
The award highlights M42’s innovative approach to marine conservation, utilizing cutting-edge genomic
sequencing and artificial intelligence (AI) technologies to monitor and manage marine ecosystems
sustainably. The project plays a vital role in protecting marine biodiversity by analyzing genetic data to
track species diversity and health while leveraging AI to predict and mitigate environmental threats. This
pioneering initiative is positioned to reshape the region’s approach to marine conservation, aligning
with global sustainability goals.
Commenting on the win, Dr. Wael Elamin, Medical Director, Environmental Sciences, M42 said: “We are
incredibly honored to receive this recognition. Our work in marine conservation is driven by a deep
commitment to sustainable environmental practices. Through the integration of genomic sequencing
and AI, we are creating more efficient and effective ways to preserve marine biodiversity, not just for
the UAE, but for the entire region and beyond. This award is a testament to our team’s dedication and
innovation. Our tech-enabled health solutions for people and the planet are enabling us to predict and
prevent health issues across the world and contribute to global efforts to counter the threats to our
oceans and environment.”
The team’s innovative project demonstrates the potential of biotechnology in environmental services
and reinforces M42’s commitment to reshaping the future of health in a sustainable manner with
technology as a key enabler. The award recognizes M42’s innovative use of AI-driven data analysis,
providing critical insights into marine ecosystem health, while supporting local and global efforts to
combat environmental degradation, aiming to make a lasting impact on biodiversity for generations to
come. The Middle East Technology Excellence Awards celebrate organizations that have made significant
strides in leveraging technology to drive transformation across industries. The awards highlight a diverse range of sectors and innovations, recognizing those at the forefront of technological advancement in the region.

Continue Reading

Tech

Green Mobility Hall at WETEX 2024 highlights the latest innovative solutions for green transport

The Green Mobility Hall at the Water, Energy, Technology and Environment Exhibition (WETEX) hosts
leading local and international companies specialising in mobility, transport and green mobility logistics. The Green Mobility Hall highlights the most prominent innovative solutions and practices that use the latest technologies in the individual and public sustainable transport sector. These solutions aim to reduce the operational and infrastructure costs of electric vehicles (EVs), improve energy and resource efficiency in transport and promote the use of hydrogen and low-emission or carbon-free fuels.
Dubai Electricity and Water Authority (DEWA) organises the 26th WETEX from 1 to 3 October 2024 at the Dubai World Trade Centre. “WETEX supports the National Electric Vehicles Policy, Dubai Green Mobility Strategy 2030 and the UAE’s
Net Zero 2050 Strategy. It also promotes the UAE’s leading position in the region in the adoption of EVs, as the UAE has one of the highest ratios of charging stations to EVs in the world. WETEX is a global platform to highlight the latest technologies in energy, water and the environment, as well as all the other sectors that contribute towards achieving net zero and reducing greenhouse gas emissions. According to the Sixth Assessment Report of the Intergovernmental Panel on Climate Change, 23% of net global GHG emission came annually from the transport sector, which generates (8.7 GtCO2-eq). WETEX contributes to achieving national and global climate aspirations to lower the carbon footprint in the transport sector and accelerate climate action,” said HE Saeed Mohammed Al Tayer, MD & CEO of DEWA and Founder and Chairman of WETEX.
“WETEX enhances DEWA’s role in encouraging the use of green and sustainable mobility, while strengthening the UAE and Dubai’s leadership in sustainable transport across the region. DEWA’s EV Green Charger initiative, launched in 2014, led to the creation of the region’s first public charging infrastructure for electric vehicles. The advanced green charging stations infrastructure in Dubai consists of more than 700 in collaboration with stakeholders, including around 400 Green Charging Stations operated by DEWA. This number will increase in the coming years. This includes around 400 Green Charging Stations operated by DEWA,” added Al Tayer.

Continue Reading

Trending