Home > Information Security Magazine > Features > Web Application Break-In
EMAIL THIS LICENSING & REPRINTS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Web Application Break-In
by Michael Cobb
Issue: Aug 2006
printer-friendly
licensing & reprints
< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   8  |   NEXT PAGE  >

It's time to protect online Assets from increasing attacks.


The statistics are alarming: Gartner estimates 75 percent of attacks against Web sites take place at the application layer. Most of the vulnerabilities documented by Symantec in the second half of 2005 were found in Web application technologies. And a majority of the 20 most severe vulnerabilities in the US-CERT database are Web application flaws.

While companies have focused on securing their network perimeters, Web applications remain vulnerable to attack. Cybercriminals are growing more and more adept at exploiting their interactive nature to bypass traditional perimeter security defenses. By moving up the network protocol stack and communicating at layer 7, attackers can interface directly with an application's processes, and pass data designed to masquerade as legitimate application requests or commands through normal request channels such as scripts, URLs and form data. This can easily lead intruders to a wealth of valuable data without them having to break into any servers.

More information from SearchSecurity.com

Learn more about Web application attacks and how to defend against them with this Learning Guide.

Test your knowledge of Web application threats and vulnerabilities with this 10-question multiple-choice quiz.

Visit our resource center for news on the latest Web application attacks.

Enterprises have a wide range of Web application attacks to worry about. Some of the more common ones include buffer overflows, SQL injection and denial of service (DoS) attacks, while a lesser-known type of threat is email injection. Intruders also use a technique called fingerprinting to zero in on their targets. The tactics are different, but the results can be equally devastating--from theft of confidential data and complete system compromise to business disruption.

By waking up to these threats and implementing methods and strategies to deflect them, enterprises can protect their most precious assets.

< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   8  |   NEXT PAGE  >





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts