Half of IT security professionals have admitted that they hack their own networks, with 73 per cent doing so to test the strength of their own network defences.
Research was compiled at this year's Infosecurity Europe show among 300 IT security professionals, with 13 per cent admitting to hitting their own enterprise for fun or out of curiosity and three per cent targeting their efforts at the competition.
Meanwhile 57 per cent admitted that the best way to check that their software applications are free of vulnerabilities and secure is to combine all available techniques and solutions, including code and static analysis, web application firewalls, application scanners and pen testing.
Barmak Meftah, chief products officer at Fortify Software, said: “It would appear organisations are frustrated with insecure off-the-shelf solutions, with many obviously feeling there are few alternatives, as they still purchase them. Given that companies have to make a huge investment in applications, whether off-the-shelf, outsourced or built in-house, it is paramount that they use proper procedures (as well as automatic software solutions) to test and strengthen these applications before deployment.
“On the subject of whether hackers can ever be described as having ‘good’ intentions, I'd rather be on the side of a hacker working to bring security vulnerabilities to my attention so that I can fix them before deploying an application that exposes my business to risk.”