As Mozilla rocks its own software security boat, Fortify tells companies to invest in software security testing

(PresseBox) ( San Mateo, CA, )
Reports are coming in that the Mozilla Foundation has warned browser users that its popular Firefox web browser contains a root certificate authority that doesn't seem to have a known owner.

This issue, says Fortify Software, highlights the fact that open source software must be tested for security vulnerabilities - and fixed -- before it is used in any business.

According to Richard Kirk, European director with the application vulnerability specialist, whilst this tilts the balance in favour of Microsoft's Explorer, there are also known security issues with that web browser as well.

"In all software development, there is a tradeoff between convenience and taking appropriate security measures, but it's situations like the one with Firefox that highlight the fact that open source software has - generally speaking - more issues than commerciallydeveloped applications," he said.

"Having said that, there are tremendous cost savings, as well the widespread availability of plugins, that open source software brings to the better business table. This means that, with good security testing in place, a major company can still use open source and save money at the same time," he added.

Kirk went on to say that one important feature of open source software is that it can often be ruggedised, that is, made more suitable for commercial deployments, using a security testing process that ensures the software is more secure.

"The important thing to stress, however, is the need for software security testing to identify and remove vulnerabilities from applications, rather than simply trying to block attacks on software by securing the network," he added.

For more on the Mozilla root certificate issues:

For more on Fortify Software:
Für die oben stehenden Pressemitteilungen, das angezeigte Event bzw. das Stellenangebot sowie für das angezeigte Bild- und Tonmaterial ist allein der jeweils angegebene Herausgeber (siehe Firmeninfo bei Klick auf Bild/Meldungstitel oder Firmeninfo rechte Spalte) verantwortlich. Dieser ist in der Regel auch Urheber der Pressetexte sowie der angehängten Bild-, Ton- und Informationsmaterialien.
Die Nutzung von hier veröffentlichten Informationen zur Eigeninformation und redaktionellen Weiterverarbeitung ist in der Regel kostenfrei. Bitte klären Sie vor einer Weiterverwendung urheberrechtliche Fragen mit dem angegebenen Herausgeber. Bei Veröffentlichung senden Sie bitte ein Belegexemplar an