Cenzic web app report highlights security problems

Will we ever get a secure Internet? There’s no cause for optimism in the latest Cenzic report into web app security. A few highlights:

  • 7 out of 10 Web applications analyzed by Cenzic were found vulnerable to Cross-Site Scripting attacks
  • 70% of Internet vulnerabilities are in web applications
  • Firefox has the most reported browser vulnerabilities at 40%; IE is 23%
  • Weak session management, SQL Injection, and poor authentication remain very common problems
  • 33% of all reported vulnerabilities are caused by insecure PHP coding, compared to 1% caused by insecurities in PHP itself.

OK, it’s another report from a security company with an interest in hyping the figures; but I found this one more plausible than some.

The PHP remarks are interesting; it would be good to see equivalent figures for ASP.NET and Java.

 