The total number of security vulnerabilities reported increased 92% over the last year, according to Bugcrowd’s report Priority One: The State of Crowdsourced Security in 2019.
The top five vulnerabilities discovered by security researchers were broken access control, sensitive data exposure, server security misconfiguration, broken authentication and session management, and cross-site scripting, most of which are difficult or impossible for machines to detect.
While automated security scanners can detect bugs such as XSS, CSRF, and SSI, security professionals and researchers are often needed to find more critical issues, the report stated. Many companies are also turning to bug bounty programs to help detect major vulnerabilities before cybercriminals do.