Web Application Security - How to Minimize Prevalent Risk of Attacks
Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Last year, almost 55% of vulnerability disclosures affected web applications. At year end, 74% of web application vulnerabilities had no available patch for remediation, according to that report. Stories about exploits that compromise sensitive data frequently mention culprits such as "Cross-Site Scripting," "SQL Injection," and "Buffer Overflow." Vulnerabilities like these fall often outside the traditional expertise of network security managers. The relative obscurity of web application vulnerabilities thus makes them useful for attacks. As many organizations have discovered, these attacks will evade traditional enterprise network defenses unless one take new precautions.