Web Services

Application Services | Technology Services

User uploaded custom header image

Web site hacks are on the rise and pose a greater threat than the broad-based network attacks that have been giving IT departments fits. Whereas attacks against networks disrupt Internet service and negatively impact companies trying to do business over the Web or private networks, attacks against Web applications threaten to steal critical customer, employee, and business partner information stored in applications and databases linked to the Web.

Generally, “people who build Web applications are optimistic people,” says Gary McGraw, chief technology officer with Cigital Inc., a maker of risk management software. “They don’t consider that someone would try to break their programs.”

Web App Hack Incidents Are Up As Businesses Take Cover

Incident by WASC threat classification

Class Count
Cross-site Scripting 32
Unknown 23
Insufficient Authorization 15
Credential/Session Prediction 14
Insufficient Authentication 11
SQL Injection 11

View complete list by the Web Application Security Consortium

Web Application Security Resources

The Cross Site Scripting FAQ
Scripts for testing your site to see if it is vulnerable to XSS
SQL Injection Walkthrough
SQL Injection Attacks by Example

Categories Security