1. https://appdevelopermagazine.com/security
  2. https://appdevelopermagazine.com/whitehat-web-applications-security-statistics-report-highlights-chronic-vulnerabilities/
6/12/2016 3:02:25 PM
WhiteHat Web Applications Security Statistics Report Highlights Chronic Vulnerabilities
Web Applications Security,Transport Layer Protection,Cross-Site Scripting
App Developer Magazine
WhiteHat Web Applications Security Statistics Report Highlights Chronic Vulnerabilities


WhiteHat Web Applications Security Statistics Report Highlights Chronic Vulnerabilities

Sunday, June 12, 2016

Stuart Parkerson Stuart Parkerson

WhiteHat Security has released its eleventh annual Web Applications Security Statistics Report which was compiled using data collected from tens of thousands of websites to analyze vulnerabilities, remediation rates and risk levels. The report reveals that on average, the majority of web applications exhibit two or more serious vulnerabilities per application for every industry at any given point in time.

The report’s findings are based on the aggregated vulnerability scanning and remediation data from web applications that use the WhiteHat Sentinel service for security testing. The research shows of the 12 industries analyzed in the report, the information technology (IT), education, and retail industries suffer the highest number of critical or high-risk vulnerabilities per web application, at 17, 15 and 13 respectively.

The findings also highlight that the IT and retail industries struggle to remediate in a timely manner. It takes approximately 250 days for IT and 205 days for retail businesses to fix the software flaws. Additionally, highly regulated industries, such as financial services and healthcare, are not performing significantly better than the rest.

Other findings from the report:

- Since 2013, the average time to fix vulnerabilities has trended upward; in 2013, the average time-to-fix was approximately 100 days. The average time-to-fix in 2015 jumped to approximately 150 days,

- Critical and high-risk vulnerabilities have an average age of 300 and 500 days, respectively.

- For the 12 industries analyzed in the report, nine have vulnerability remediation rates below 50 percent.

- Insufficient Transport Layer Protection, Information Leakage and Cross-Site Scripting are widely known application vulnerabilities, yet they are the three most common vulnerabilities found within web applications across all industries.

White Hat will host a webinar on June 29 at 10am PDT to review and discuss the findings. The full report is available at the link below.

Read more: https://info.whitehatsec.com/Website-Stats-Report-...

Subscribe to App Developer Magazine

Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.


  • - Exclusive content from leaders in the industry
  • - Q&A articles from industry leaders
  • - Tips and tricks from the most successful developers weekly
  • - Monthly issues, including all 90+ back-issues since 2012
  • - Event discounts and early-bird signups
  • - Gain insight from top achievers in the app store
  • - Learn what tools to use, what SDK's to use, and more

    Subscribe here