Web Application Security - In The News
Application vulnerabilities are the most commonly exploited security threats in the industry. News stories are flooded with security breaches and companies are losing hundreds of dollars per lost record. Sentry App will help keep your business out of the headlines and help protect your biggest asset, your company image. Below you will find a small sample of security breaches in the news and research:
T.J. Maxx Breach Costs Hit $17 Million
"The company announced in its firs quarterly earnings statement that it took a $12 million hit, or 3 cents per share, because of the loss of more than 45 million credit and debit card numbers that were stolen from its IT systems over an 18-month period. It's considered to be the largest customer data breach on record."
"IPLocks, a compliance and database security company, released a report earlier this month estimating that the TJX breach will eventually cost the company $100 per lost record, or a total of $4.5 billion."
-Information Week
Security Breaches Cost $90 To $305 Per Lost Record
"The average security breach can cost a company between $90 and $305 per lost record, according to a new study from Forrester Research. The research firm surveyed 28 companies that had some type of data breach."
-Information Week
SANS, May 2007 - Web Application Security Report
"....Every week hundreds of vulnerabilities are being reported in these web applications, and are being actively exploited. The number of attempted attacks every day for some of the large web hosting farms range from hundreds of thousands to even millions."
-Sans Institute
Alan Paller, SANS institute, Dir of Research, June 2007
..."Organizations that deploy Web applications are facing a massive escalation in attacks by organized crime groups from Eastern Europe and Asia. Government agencies are even more under attack by nation states. Beginning two years ago, these criminal groups began targeting applications in addition to operating systems because they discovered that around 70% of all Web applications had security flaws...and now 80% of new malware is focused on the application layer. Part of the time they are after financially valuable data like credit cards or data of military value, but more and more they are taking private customer or employee data that can be used as a tool for extorting money from the organizations that lost the data."
Gartner
"75% of all attacks are occurring at the application layer"
Gartner
"80% of organizations will experience an application security incident by 2010."
Microsoft Developer Research
64% of developers are not confident in their ability to write secure applications
Mitre
"XSS and SQL injections are #1 and #2 reported vulnerabilities."
Symantec
78% of easily exploited vulnerabilities affected web applications
Gartner
By 2009, 80% of companies will have suffered an application security incident, and, as a result, will react by creating roles in the AD and testing organizations to ensure that security is handled at the application level (0.7 probability.)
Gartner
Through 2008 application security will become an important evaluation criterion, weighted as high as system functionality.
Web Application Security Links
CGISecurity – http://www.cgisecurity.net
CVE MITRE - http://cve.mitre.org
OWASP – http://www.owasp.org
SQL Security - http://www.sqlsecurity.com
Web Application Security Podcasts - http://www.mightyseek.com/category/podcasts/
More Sentry APP Web Application Security Features
|
