Thep Urai - Fotolia
Application weaknesses and software vulnerabilities are consistently the most common external enterprise threat vector targeted by attackers.
Open source issues continue to be a thorn in infosec's side.
Companies still aren't investing in the tools, mechanisms and expertise needed to thwart threats.
These are three of the top findings in Forrester Research's "The State of Application Security, 2020." It's nothing new, however. Web application security challenges date back years, if not decades.
In fact, several items on Open Web Application Security Project's (OWASP) list of the top 10 web application security risks -- including injection flaws, cross-site scripting (XSS) and broken authentication -- were the same in its most recent 2017 version as when it was first released in 2003.
The sad part is these risks -- despite their well-known and well-publicized nature -- will persist until developers, security teams and companies start to take them more seriously.
Do you know how to prevent your company's web apps from falling victim to the barrage of threats they face? From malicious code to vulnerability scanners and penetration testing (pen testing) to buffer overflow, XSS, distributed denial of service (DDoS) and SQL injection attacks, it is critical to know the tools and policies to properly secure applications and keep them safe from nefarious actors.
Take this quiz to determine how knowledgeable you are and whether you need to hone your web application security skills.