08 Sep 2009
Web application security is getting worse, according to the Web Application Security Report 2009 from security consultancy NTA Monitor.
The firm tested web apps belonging to its public and private sector clients, and ascribed 'high', 'medium', 'low' and 'informational' risk status to the vulnerabilities it found.
The number of applications with at least one 'high' risk vulnerability had grown from 17 per cent to 27 per cent since last year, while the number of apps with one or more 'medium' risk vulnerabilities had increased from 78 per cent to 90 per cent.
NTA Monitor found a total of 13 vulnerabilities per test, ranging from one to an alarming 36 issues.
The most common 'high' risk vulnerabilities involved SQL injection, cross-site scripting and cross-request forgery attacks.
NTA Monitor made several recommendations for firms looking to boost web application security, including regular testing, staff training, the creation and publishing of a clear security policy, and inserting security service level agreements into contracts with internet or managed service providers.