«  
  »

Cenzic web app report highlights security problems

By tim, on May 15th, 2008 Follow tim on Twitter

Will we ever get a secure Internet? There’s no cause for optimism in the latest Cenzic report into web app security. A few highlights:

  • 7 out of 10 Web applications analyzed by Cenzic were found vulnerable to Cross-Site Scripting attacks
  • 70% of Internet vulnerabilities are in web applications
  • FireFox has the most reported browser vulnerabilities at 40%; IE is 23%
  • Weak session management, SQL Injection, and poor authentication remain very common problems
  • 33% of all reported vulnerabilities are caused by insecure PHP coding, compared to 1% caused by insecurities in PHP itself.

OK, it’s another report from a security company with an interest in hyping the figures; but I found this one more plausible than some.

The PHP remarks are interesting; it would be good to see equivalent figures for ASP.NET and Java.

VN:F [1.9.3_1094]
Rate this post
Rating: 0.0/10 (0 votes cast)

Related posts:

  1. Apple accused of security blunder; highlights cloud risks
  2. Sophos video about hacked BusinessWeek site
  3. UK Government resists Peer pressure on internet security
  4. Why are web sites still storing passwords? Monster, USAJobs blunder highlights the risks
  5. Don’t just blame users for woeful security online
May 15th, 2008 | Category: .net, internet, php, software development, web authoring

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>