• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech Guide
  • Home Improvement
  • Gadget & Apps
  • Deals
  • News

Veracode Report Slams Developers for Crypto Implementation Failures

By Guest Authors

While the most common cause of data breaches affecting the public and private sector is often the shortcomings on the part of an end user, developers also have a share of liability for what brings about this cyber incident.

According to a new Veracode report, most developers do not have sufficient expertise to implement encryption in their products. As a result, cryptographic keys are more often than not easy to decode for attackers.

encryption

For most of data breach incidents, encryption issues are one of the vulnerabilities that have a serious impact on applications across various sectors and industries. In particular, cryptographic flaws involve wrong Transport Layer Security certificate validation, sensitive data stored as a text, unencrypted information, and hard-coded cryptographic keys, among others.

Both mobile apps and Web-based applications were affected by this shortcoming on the part of developers, although there are quite some level of differences as to the number of apps in each platform affected.

Although most applications used by many companies and organizations need to have encryption embedded in them to comply with data security laws, some developers are putting it in their products in a lax manner, according to Veracode.

Part of the problem is the lack of cryptography training for many developers. That’s why they have a poor understanding about security, Veracode said. It is no small issue, therefore, that a lot of applications with encryption components could be relied on to effectively counter attacks.

Then there is the lack of standardization as some developers develop their own encryption algorithms, mostly by not following standard cryptographic application programming interfaces offered by Java or some other widely used programming languages.

It is highly recommended that programmers first review the certificates with thorough care, secure encryption keys and implement hard-to-crack pseudo-random number generators. What is needed here is proper education for developers to help them gain insights into the dire consequences of not implementing a robust encryption.

From the point of view of other security experts, complex crypto libraries are also part to blame for this encryption issue. That is so because of the gap in language. Crypto libraries are natively developed for cryptographers, not for developers.

So it is not only a matter of educating developers, but also designing cryptographic software in a way that is easy to understand for developers as well. Then it would be smoother to implement robust encryption without taking the extra mile of understanding cryptographic languages.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Footer

Oleap Archer AI Meeting Headset Review: Smart Assistant or Redundant Tech?

SUNSEEKER ELITE X7 Robot Lawn Mower Review – Does Automated Lawn Care Work?

OptiSolex 400W Portable SolarBag Kit Review

Linkind Smart Solar Spotlight SL5C Review – Solar Smarts Done Right

Follow TechWalls

YoutubeFacebookXInstagram

Recent Posts

  • Water from dishwasher backing up in the kitchen sink – How To Fix It?
  • Stop Leaking On the Nut of BrassCraft Compression Valve
  • Oleap Archer AI Meeting Headset Review: Smart Assistant or Redundant Tech?
  • Father’s Day Gift Idea: garden pond waterfalls and fountains

Copyright © 2025 · All Rights Reserved