> Qualys > WEB APPLICATION SECURITY How to Minimize the Risk of Attacks

WEB APPLICATION SECURITY How to Minimize the Risk of Attacks

White Paper Published By: Qualys
Published:  Apr 05, 2011
Type:  White Paper
Length:  7 pages

The guide surveys typical web application vulnerabilities, compares options for detection, and introduces the QualysGuard Web Application Scanning solution – an on demand service from Qualys that automates detection of the most prevalent vulnerabilities in custom web applications.

Vulnerabilities in web applications are now the largest source of enterprise security attacks. Web application vulnerabilities accounted for over 55% of all vulnerabilities disclosed in 2010, according to an IBM X-Force study. That may be the tip of the iceberg as the study includes only commercial web applications.1 Stories about compromised sensitive data frequently mention culprits such as “cross-site scripting,” “SQL injection,” and “buffer overflow.” Vulnerabilities like these often fall outside the traditional expertise of network security managers. The relative obscurity of web application vulnerabilities thus makes them useful for attacks. As many organizations have discovered, these attacks will evade traditional enterprise network defenses unless you take new precautions.

Tags : 
web application security, qualys, vulnerabilities, sql injection, ssi injection, xpath injection, attacks, qualysguard was 2.0, scanning, saas, application security, firewalls, hacker detection, identity management, internet security, intrusion detection, intrusion prevention, network security appliance, password management, security management