Web Applications and Security

Verizon recently came out with a great analysis of thousands of security breaches. Here’s what fascinated me most:

The universe of threats may seem limitless, but 92% of the 100,000 incidents we’ve analyzed from the last 10 years can be described by just nine basic patterns.

– Verizon’s 2014 Data Breach Investigations Report

Those nine patterns are:

  • Point-of-sale intrusions
  • Web app attacks
  • Insider and privilege misuse
  • Physical theft and loss
  • Miscellaneous errors
  • Crimeware
  • Payment card skimmers
  • Denial of service
  • Cyber-espionage

Within the realm of web application security, Verizon has done a nice job of highlighting some important basic controls that can improve your application’s security:

  • Single-password fail
  • Rethink CMS
  • Validate inputs
  • Enforce lockout policies
  • Monitor outbound connections

You can download the report without registering. Pour yourself some coffee, sit down, and read it. We’re all better off if our technology is more secure.
