Security Testing
Web Application Security – Too Costly To Ignore
The bad news keeps rolling in nearly every day. A major retailer’s website is hacked, and thousands of customer records, including credit card numbers, are stolen; a single flaw on the web page of a federal agency has leaked Social Security numbers onto the Internet. It is clear that attacks targeting web applications are on the rise, as stories like these are all too commonplace.

Not only are application attacks growing more prevalent, they are also costly. The research firm Gartner estimates that within the next year, 80 percent of all companies will have suffered through an application security incident. The cost of these incidents ranges from £62 to £208 per compromised record, depending on the nature of the breach and the company hacked. These costs include system cleanup and forensic analysis, regulatory and legal costs, consumer breach notification, and credit monitoring services. When considering those expenses, it is no surprise that the total expense of a single breach can range from several million to well into the billions.
These web application flaws also place organizations at significant risk of non-compliance with government and industry regulations such as the Federal Information Security Management Act (FISMA), the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX), the Gramm-Leach-Bliley Act (GLBA), and the more recent Payment Card Industry Data Security Standard (PCI DSS).
For attackers, web applications are both easy and worthy targets. Common flaws such as SQL injection, cross-site scripting, poor input validation and broken authentication conditions make it possible for attackers to easily infiltrate these applications to disrupt application availability and destroy or steal sensitive and private information like credit card data. Also, vulnerable web applications not only allow these miscreants to steal and manipulate information within that application, but also to use it as an entry point to the corporate network and back-end applications.


