Home  »  News 2024  »  7 out of 10 websites are hacked at application layer
outof Websites Are Hacked

7 out of 10 websites are hacked at application layer

Security firm Indusface has outlined some website security statistics from India and the reasons behind it. It has published a report to guide CIOs and CISOs to understand the paradigm shift taking place in the web application security domain.Security firm Indusface has outlined some website security statistics from India and the reasons behind it. It has published a report to guide CIOs and CISOs to understand the paradigm shift taking place in the web application security domain.

Database breach is easier: According to the data that security firm Indusface had collected from more than 2.9 million scans and 4.5 billion ethical hacks, their experts are certain that it’s easier for hackers to infiltrate into the databases.There are two reasons for it, Indusface said. Firstly, SQLi vulnerability was found on more than 90 percent of the application, which provides direct access to a database where attackers can read and edit files. Secondly, system administrators rarely know about it. Given that most-medium sized organisations in our country are unable to detect SLQ Injection attacks, there are chances that many of them are bleeding sensitive data without knowledge.

Cross-site scripting is abundant: Although XSS is not really one of the most pressing issues for most companies, it is as common as SQLi. Approximately 97 percent of the tested websites had XSS and chances are that they did not really consider it as a severe issue. However, XSS can cause real problems for businesses by not only putting their servers at risk but also users.

Most organisations are not testing their applications: According to the Indusface research team, 7 out of 10 websites are hacked at the application layer, but overemphasis on network security and lack of awareness of application security has made many companies overlook the risks entirely. Most of them do not even know about OWASP Top 10 vulnerabilities, and don’t know how they can be used to breach into the system.

Application patching is procrastinated: If it isn’t broken, why fix it? Probably one of the primary reasons why most companies overlook application layer vulnerabilities is that these are difficult to fix. E-commerce and other competitive industries have to frequently make changes, where customer experience is their top priority. On the other hand, banking, insurance, and other finance companies aren’t too keen to change things as it involves complete planning and auditing.

“Application security is a very niche branch of information security. It requires specific understanding of how Layer 7 interacts over the World Wide Web and also other communication layers within the organisation network,” Venkatesh Sundar, CTO, Indusface.

Here are some of the key India-centric facts:

Read moreClick here

News Sources:

http://www.firstpost.com/business/7-10-websites-hacked-application-layer-says-indusface-2297606.html

Indusface
Indusface

Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.

Join 47000+ Security Leaders

Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

We're committed to your privacy. indusface uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.