Web Application Security Incident Analysis
The Web Hacking Incident Database 2010 semi-annual report was published in early September. I have only just managed to find time to read it.
This latest report, covering January to June 2010, analyses actual reported incidents (e.g. data breaches) collected by the Web Hacking Incident Database (WHID), a project of the Web Application Security Consortium supported by Trustwave SpiderLabs. The WHID's goal is to raise awareness of the web application security (webappsec) problem and to provide data for statistical analysis of web application security incidents. The data include only disclosed and reported targeted (i.e. non-random) attacks against specific organisations (see Zone-H for wider data on random or opportunistic defacement hacks).
The information is very clearly presented and includes attack source geographic location, the drivers (outcomes), attack methods, weaknesses exploited and organisation type. It will be very useful for risk and security professionals who want to prioritise the resources they spend protecting their web sites, applications and the associated data. In case you haven't guessed, "SQL injection is still the top known attack category".
If you haven't seen them yet, the "real-time" interactive charts on the project's home page are fantastic. Other ways to keep up-to-date are using the RSS feed or Twitter.
Posted on: 08 October 2010 at 08:55 hrs

Unfortunately the numbers won't do much for the perception that security teams don't always focus on the greatest business risk, reducing ROI.
Always good to have some hard(ish) figures to back up a requirement and/or protection though. Thanks for sharing.