Report: 100% of web apps have at least one security vulnerability

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Nearly all of the vulnerabilities detected in web apps were of a critical nature, with financial services sites the most at risk, according to a Positive Technologies report.

  • A report from Positive Technologies found that 100% of the web apps it tested contained at least one security vulnerability, with 85% being risks to users.
  • Web apps need to be constantly monitored for vulnerabilities, with source code analysis being the best way to find flaws, Positive Technologies said. The key at that point is to release patches swiftly.
Security firm Positive Technologies has released a summary of its web application vulnerability testing in 2017, and the results should serve as a wakeup call to anyone using, or responsible for, a web app. Of the web apps included in the study, not a single one was without security vulnerabilities, of which 85% allowed attackers to target web app users through attacks like cross-site scripting.
The sample size in Positive Technologies study is small (only 33 web apps were included), and the study also admits that the tested applications are not standard apps and contain large amounts of custom code.
Regardless of the scope of the study, its findings should put web app developers on guard, especially those building custom apps or publishing non-standard web apps—there's no reason to assume they're safe.

Who is most at risk and what are they facing?
Of the web apps considered in the report, nearly half belonged to financial services organizations, which were also the greatest risk category: 100% of financial services apps contained high-risk vulnerabilities.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top