{"id":629,"date":"2008-05-15T11:11:02","date_gmt":"2008-05-15T10:11:02","guid":{"rendered":"http:\/\/www.itwriting.com\/blog\/?p=629"},"modified":"2008-05-15T11:11:02","modified_gmt":"2008-05-15T10:11:02","slug":"cenzic-web-app-report-highlights-security-problems","status":"publish","type":"post","link":"https:\/\/www.itwriting.com\/blog\/629-cenzic-web-app-report-highlights-security-problems.html","title":{"rendered":"Cenzic web app report highlights security problems"},"content":{"rendered":"<p>Will we ever get a secure Internet? There&#8217;s no cause for optimism in the <a href=\"http:\/\/www.cenzic.com\/cia_research\/resources.php\" target=\"_blank\">latest Cenzic report into web app security<\/a>. A few highlights:<\/p>\n<ul>\n<li>7 out of 10 Web applications analyzed by Cenzic were found vulnerable to Cross-Site Scripting attacks<\/li>\n<li>70% of Internet vulnerabilities are in web applications<\/li>\n<li>FireFox has the most reported browser vulnerabilities at 40%; IE is 23%<\/li>\n<li>Weak session management, SQL Injection, and poor authentication remain very common problems<\/li>\n<li>33% of all reported vulnerabilities are caused by insecure PHP coding, compared to 1% caused by insecurities in PHP itself.<\/li>\n<\/ul>\n<p>OK, it&#8217;s another report from a security company with an interest in hyping the figures; but I found this one more plausible than <a href=\"http:\/\/www.itwriting.com\/blog\/?p=623\" target=\"_blank\">some<\/a>.<\/p>\n<p>The PHP remarks are interesting; it would be good to see equivalent figures for ASP.NET and Java.<\/p>\n<div class=\"wlWriterSmartContent\" id=\"scid:0767317B-992E-4b12-91E0-4F059A8CECA8:c3c2c864-63d9-423d-a2f3-6208cdf89556\" style=\"padding-right: 0px; display: inline; padding-left: 0px; padding-bottom: 0px; margin: 0px; padding-top: 0px\">Technorati tags: <a href=\"http:\/\/technorati.com\/tags\/cenzic\" rel=\"tag\">cenzic<\/a>, <a href=\"http:\/\/technorati.com\/tags\/security\" rel=\"tag\">security<\/a>, <a href=\"http:\/\/technorati.com\/tags\/cross-site%20scription\" rel=\"tag\">cross-site scription<\/a>, <a href=\"http:\/\/technorati.com\/tags\/sql%20injection\" rel=\"tag\">sql injection<\/a>, <a href=\"http:\/\/technorati.com\/tags\/php\" rel=\"tag\">php<\/a>, <a href=\"http:\/\/technorati.com\/tags\/asp.net\" rel=\"tag\">asp.net<\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Will we ever get a secure Internet? There&#8217;s no cause for optimism in the latest Cenzic report into web app security. A few highlights: 7 out of 10 Web applications analyzed by Cenzic were found vulnerable to Cross-Site Scripting attacks 70% of Internet vulnerabilities are in web applications FireFox has the most reported browser vulnerabilities &hellip; <a href=\"https:\/\/www.itwriting.com\/blog\/629-cenzic-web-app-report-highlights-security-problems.html\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Cenzic web app report highlights security problems<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,44,64,80,96],"tags":[],"class_list":["post-629","post","type-post","status-publish","format-standard","hentry","category-net","category-internet","category-php","category-software-development","category-web-authoring"],"_links":{"self":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/629","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/comments?post=629"}],"version-history":[{"count":0,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/629\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/media?parent=629"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/categories?post=629"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/tags?post=629"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}