Web applications have become essential for business, as they simplify and automate key functions and processes for employees, customers and partners, making organizations more agile, innovative and efficient.
Unfortunately, many web applications are also unsafe due to latent vulnerabilities and insecure configurations. Web application attacks rank as the most likely to trigger a data breach, according to the 2016 and 2017 editions of the Verizon Data Breach Investigations Report.
Those findings are consistent with SANS Institute’s 2016 State of Application Security Report, which found that “public-facing web applications were the largest items involved in breaches and experienced the most widespread breaches.”
“Insecure web applications are a real problem today,” Dave Ferguson, Director of Product Management for Web Application Scanning at Qualys, said during a recent webcast. “Web apps are a foothold into your organization for potential attackers.”