Virtually All Web and Mobile Apps Vulnerable To Attack
The included infographic shows the areas of vulnerability that exist, and the report details the type, frequency, and severity of these issues as they pertain to web- and cloud-based and mobile applications. Cross-scripting is the most common type of vulnerability. For their part, mobile applications are vulnerable to threats from privacy violations, infrastructure, session management, and more.
Cenzic CTO Scott Parcel told Net Security that security at the application layer must be addressed by businesses, as companies apparently are asleep at the wheel in terms of both existing threats and evolving threats. “As the rush to create a multitude of connected mobile apps has led corporations to essentially rip out walls and replace them with unlocked doors, leaving them even less aware of how to secure at scale," said Parcel.
We imagine that providers of cloud and Web-based services will have something to say about this report, but it doesn’t really help us sleep any better at night.