More testing needed to ensure security of web applications

No Comments

A new report from CyCognito looks at the challenges faced by cybersecurity professionals in protecting web applications, which have become prime targets for cyberattacks.

Organizations maintain dozens, often hundreds, of custom web apps, developed in-house and by third-party partners. What's more over 60 percent update web applications weekly or more often.

Over a third of respondents (35 percent) say they experience a significant security event involving a web app at least once a week, while more than a quarter (26 percent) experience a major incident that often.

Yet testing is being neglected almost 75 percent only test their web applications monthly or less often, leaving more than 40 percent of the attack surface untested. 70 percent say the number of web applications in their environment is too large for adequate testing. Other barriers to adequate web application testing include the volume of APIs in production environments (cited as a large or very large blocker by 67 percent) and the time required to test and monitor changes (66 percent).

In addition 53 percent of respondents say they face difficulties remediating vulnerabilities uncovered by web application testing. 65 percent are planning to increase automation within
their web application security testing workflows. There is also interest in building out continuous testing capabilities.

"In the modern IT ecosystem, each SaaS instance, DevOps service, and hardware device has a web interface. Generative AI is also now creating many more of these interfaces, resulting in thousands of exposed web applications for large enterprises. Despite this fact, most security teams only test monthly at best," says Rob Gurzeev, CEO and co-founder of CyCognito. "And when they do test, coverage is severely limited, ranging from five percent to 13 percent, due to outdated testing methods. This result is that many applications are left vulnerable. Our research clearly underscores that automating testing processes are absolutely critical to ensuring robust protection against evolving cyber threats."

The full report is available from the CyCognito site.

Image credit: ra3studio/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

Kioxia launches 2Tb QLC flash memory

YEYIAN GAMING launches AVANCE Series 25-inch FHD 240Hz monitor

Sabrent releases Rocket V60 microSDXC memory card

Canonical Firefighting Support offers expert troubleshooting for Ubuntu Linux systems

78 percent of organizations view AI as an emerging tech risk

Bye bye Microsoft Windows 11: Hello Nitrux 3.5.1, the secure, lightweight Linux alternative

Cybersecurity training needs a human touch

Most Commented Stories

Say goodbye to Microsoft Windows 11: Nitrux Linux 3.5.0 is the operating system you need!

87 Comments

Say goodbye to Microsoft Windows 11 and hello to Linux-based EndeavourOS

69 Comments

Say goodbye to Microsoft Windows 11: openSUSE Leap 15.6 is the Linux-based operating system you need!

59 Comments

Lucky for some -- Windows 13 is everything Windows 11 should be

28 Comments

SDesk ISO 19 released: Say goodbye to Microsoft Windows 11 and hello to Linux

21 Comments

Joe Biden implements Kaspersky ban ahead of debate with Donald Trump, citing national security concerns

19 Comments

CachyOS June 2024 release makes it easy to say goodbye to Microsoft Windows 11 and hello to Linux

17 Comments

Deepin Linux V23 RC2 delivers a kung fu kick from China to knock out Windows 11

16 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.