The Unfortunate Reality of Insecure Libraries

By Jeff Williams, CEO
Arshan Dabirsiaghi, Director of Research
Aspect Security

80% of the code in today’s applications comes from libraries and frameworks. The risk of vulnerabilities in these components is widely ignored and underappreciated. In partnership with Sonatype, our researchers analyzed over 113 million downloads by more than 60,000 commercial, government and non-profit organizations. We studied the 31 most popular Java frameworks and security libraries downloaded from the Central (“Central”) Repository and discovered that 26% of these have known vulnerabilities. Every organization should be concerned about the security of the components that they use and trust to run their business.

In the media

Please complete the form to obtain your complimentary copy of the study and get practical recommendations and guidance to minimize the risk to your organization.

First Name
Last Name
Your Email
Company Name