As the Super Bowl approaches, the Synopsys Cybersecurity Research Center evaluated the 10 most popular Android sports and betting apps through the lens of supply chain security. And the findings aren’t scoring big on cybersecurity.
Many of the apps analyzed were found to use outdated open source components, along with their associated known vulnerabilities. For reference, two to three years is a long time in the software world. In the apps analyzed, open source components dated back to 2010.
Although known vulnerabilities in open source components are not necessarily exposed in the app, risk increases with the age of the components and the number of known vulnerabilities. Additionally, outdated components are a sign that development teams may not be managing their open source dependencies, which in turn suggests that they are not handling security well overall.
In aggregate, the 10 apps analyzed have over 21.5 million downloads from the Google Play Store.
- Average number of components per app: 125
- Average number of vulnerable components per app: 10
- Average number of vulnerabilities per app: 179
So, are these sports and betting apps safe to use? Some development teams are doing better than others when it comes to managing their open source dependencies. However, consumers do not have this visibility.
With that said, it is important to know how you can protect yourself and your business against cyberattacks. For all your cybersecurity needs, call TNTMAX at (201) 891-8686, email us, and browse our website for more solutions on how to stay safe online.