Survey: Apps at Risk for Reverse Engineering

Some two-thirds of companies with Java, .NET or Open Source applications are at risk of having their apps "reversed engineered," a recent survey of 600 corporations concluded. IDN takes a quick look at the vulnerabilities, and a survey of 600 corporate IT shops.

Tags: Risks, Survey, Controls, Reverse Engineering, Open Source Applications, Java, Corporate Guidance,

One reason: IT doesn't have adequate controls in place to manage risks from (a) vulnerability exploitation, (b) IP theft, (c) privacy violations and (d) piracy and others. Of those surveyed:

  • 27% had no controls in place,
  • 35% relied upon developers to make their own decisions with no policy or corporate guidance to manage these risks consistently and
  • only 36% had both tools to combat reverse engineering and some type of consistent guidance that reflected the company's policies and appetite for risk.

  • "Security, compliance and risk management stakeholders need to reach a consensus on the controls that are appropriate to manage what may otherwise become material risks," the survey states.

    "As .NET and Java applications become increasingly ubiquitous, the risks that stem from uncontrolled access to source code are also increasing proportionately," said Gabriel Torok, President at PreEmptive Solutions, one underwriter of the survey.