IT Trenches

Sep 8 2008   4:49PM GMT

Did you see this? – 2007 Web Application Security Statistics Project



Posted by: Troy Tate
Tags:
awareness
data loss
Data security
Database
DataManagement
Development
internet
malware
Metrics
Monitoring
Policy
research
risk
Security
tools
vulnerability
web
website
WWW

The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape.

 

Goals

1. Identify the prevalence and probability of different vulnerability classes 2. Compare testing methodologies against what types of vulnerabilities they are likely to identify.

 

The statistics was compiled from web application security assessment projects which were made by the following companies in 2007 (in alphabetic

order):

 

- Booz Allen Hamilton

- BT

- Cenzic with Hailstorm and ClickToSecure

- dblogic.it

- HP Application Security Center with WebInspect

- Positive Technologies with MaxPatrol

- Veracode with Veracode Security Review

- WhiteHat Security with WhiteHat Sentinel

 

The overall statistics includes analysis results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity. The detailed information can be found here:

 

http://www.webappsec.org/projects/statistics/

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: