Legislation in China regarding cyber security is growing. The recent cryptography law enacted on January 1st 2020 puts even more pressure on organisations to create secure applications by ensuring data transferred or stored is encrypted thus making it harder to be exploited by hackers. Static Code Analysis provides a means for developers to identify weak encryption or encryption not being used where it should be.
The financial services industry is falling behind in cyber security - so where should their focus be?
Application security controls and secure coding standards along with weak encryption standards appear to be absent within financial services apps. This makes them wide open to vulnerabilities like data leakage, reverse engineering attacks, and decryption of sensitive data. What needs to be done and what should they focus on?
Software engineers need to pay more and more attention to security issues! One of our engineers, shares some of his highly useful learnings for developers who are new to cybersecurity and writing secure code.