Security News > 2021 > April > Even though critical, web application security is getting less attention

As organizations shifted focus to support remote work and business continuity amid the challenges of 2020, web application security suffered, according to an Invicti Security report.

Medium-severity vulnerabilities such as denial-of-service, host header injection, and directory listing, remained present in 63% of web apps in 2020, holding flat from 2019.

With many of the COVID-related changes to consumer and business behaviors expected to endure beyond the end of the pandemic, web application security is more critical than ever.

From growing usage of business tools such as chat, web conferencing, and collaboration environments, to increased consumer adoption of e-commerce, attack surfaces continue to expand.

Recent research indicates that the largest percentage of breaches in 2020 began with a web application, yet at the same time, the number and severity of a variety of other types of attacks reached new highs in 2020, diverting the time and resources of security organizations away from web application security.

"It's very troubling to see this loss of momentum due to reduced attention to web application security," said Invicti president and COO Mark Ralls.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/r0XNcZ40yoc/