Experts Predict Record 20,000 CVEs for 2020:
This year could see a record breaking 20,000 vulnerabilities reported, with major increases in mobile bugs already in 2020, according to Skybox Security.
The security vendor's midyear update to its 2020 Vulnerability and Threat Trends Report contains some concerning findings for organizations as they struggle to manage cyber-risk at a time of mass remote working.
With 9000 vulnerabilities reported in the first half of the year, the firm is predicting the final total for 2020 could top twice as much as that. The figure for new CVEs in 2019 was 17,304. Without risk-based automated patch management systems, organizations struggle to mitigate these issues, leaving them exposed to attacks.
Part of this increase is due to a surge in Android OS flaws: these increased 50% year-on-year, according to Skybox.
(Score: 2) by maxwell demon on Wednesday July 22 2020, @06:30AM
The important part here is “as soon as that error occurs.” The point of writing tests is to get as many bugs as possible occur in your test suite instead of after the code being employed, so you can fix them before your customer gets to see them.
Also, you also want to find bugs that currently can't actually be triggered because the current code happens to never call the function with the triggering parameters, but which could happen after a future change of the calling code.
Oh, and if you are not able to write correct tests in a test suite, you'll also not be able to test properly in-code. Also note that the person who writes the code is not necessarily the same who writes the test in the test suite.
The Tao of math: The numbers you can count are not the real numbers.