Web hosting providers underestimate the security threat facing web applications - Security Park
(04/02/2008)

Despite the highly publicized attacks on websites worldwide, many web hosting customers remain unprotected against the newest forms of attacks as cyber crime tactics evolve.

Hundreds of thousands of web site operators – many with little or no technical expertise – rely on web hosting providers to keep their websites and web applications safe. Yet events such as the recent SQL injection attack that compromised more than 70,000 websites, and the 10,000 web sites serving up malicious code in December, show hackers are exploiting vulnerabilities in web applications with impunity.

The combination of traditional firewall technology becoming mainstream and enterprise networks improving their defences has driven hackers to find more vulnerable targets.

Yaacov Sherban, CEO of Applicure, commented: ‘Popular entry routes for attacks now focus on web applications including message boards, forums and registration forms, which puts websites of every kind right in the firing line. With many web applications virtually unprotected, it’s easy for hackers to deface or shut down the website, or else manipulate the applications to reveal sensitive data. For web host providers all it takes is one customer website to be breached and the whole server, with thousands of hosting customers, can be wide open.’

The traditional approach to application vulnerabilities is to scan programs and patch the weaknesses. ‘Naturally, hosting companies cannot be expected to scan and patch vulnerabilities in their customers’ applications,’ said Sherban. ‘The good news is that security technology has advanced to the point where attack monitors and specialized web application firewalls can be deployed within minutes, and the additional security is provided to customers as a value added service.’

Sherban went on to say: ‘What makes this new technology special is that it detects and intercepts suspicious traffic before it gets to the customer’s site, potentially preventing an attack that would otherwise lead to a damaging breach.’
