Cenzic Study Finds Continued Alarming Rise in Web Application Vulnerabilities

<p><strong>Santa Clara, Calif. &mdash; July 31</strong><br />Cenzic Inc., a provider of application vulnerability assessment and risk management solutions, has released its &quot;Application Security Trends Report – Q2 2007,&quot; which finds that, once again, organizations are failing to optimize their Web application security methods. </p><p>Although this report highlights the top 10 vulnerabilities from published reports in Q2 2007, Cenzic estimates there are thousands of vulnerabilities that remain unpublished<br />because of the lack of reports and the vast amounts of home-grown applications. </p><p>It is estimated that there are more than 100 million Web<br />applications that facilitate transactions and collection information, yet fewer than 5 percent of applications are tested for vulnerabilities. </p><p>The report provides a thorough analysis of reported vulnerabilities, Web application probes, attack statistics and key findings.<br /><br />&quot;We are at a critical stage when it comes to securing Web applications &mdash; with less than 1 percent of applications tested, millions of applications are vulnerable and ripe for hackers,&quot; said Mandeep Khera, Cenzic vice president of marketing. &quot;Even the organizations that do test are still focused on testing only the applications in the development or quality assurance stage. </p><p>&quot;With 99 percent of the applications in the production stage at any given point, these corporations are extremely<br />exposed and vulnerable &mdash; they will get hacked. It&#39;s not a question of &#39;if&#39; but &#39;when.&#39;&quot;</p><p>Tom Stracener, Cenzic senior security analyst, agreed.&nbsp; </p><p>&quot;Our analysis for Q2 illustrates a very high percentage of published vulnerabilities in Web technologies, similar to the Q1 findings,&quot; he said. &quot;This…



Posted in Uncategorized|


Powered by WebDesk