Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 168
  • Last Modified:

web application security

G'day experts,

I need some data, statistics, numbers for internet/web attacks and web application attacks. I have tried CERT (www.cert.org) and got some useful data on internet attacks, however i need a site or source that will give the number of particular types of attacks.

Basically, i need a site or source that does essentially the same thing as CERT, but gives a breakdown of what attacks occured and how many. A site that also gives total web application attaks by year would also be great.

Also, a site that can give numbers on network security attacks and web application attacks by year would be great.


0
claracruz
Asked:
claracruz
1 Solution
 
sunray_2003Commented:
Will this help you . These are not from one source but multiple

http://www.onixnet.com/Understand%20Web%20App%20Attacks.pdf

www.nii.co.in/blackhat.ppt

www.blackhat.com/presentations/ bh-europe-04/bh-eu-04-detoisien.pdf

This can lot of info
http://whitepapers.informationweek.com/rlist/term/Web-Application-Security.html -- get some kind of membership

A good book : http://www.webhackingexposed.com/

SR
0
 
Yan_westCommented:
Here is a great site, I think you'll find everything you need on there:

Virus history, security advisories information and statistics, etc..

http://secunia.com
0
 
claracruzAuthor Commented:
hello,

where are the figures?????, not one of the sites you gave has any stattistics for web attacks.

i need statistics, as in something like the following;-

the number of web attacks for january = 2000000
                      web application attacks = 199999
                                 network attacks = 1      
                                                       
0
 
ahoffmannCommented:
AFAIK there is no such site at the moment :-(
There're some organisations which have partial data, but also no complete statistic as you request, try
  http://www.owasp.org/
  http://www.whitehatsec.org/
  http://www.securitcfocus.com/
  http://isc.sans.org/

A number you'll find on a lot of sites is that etimated 80-95% of all web sites are vulnerable to XSS.
Most of them for SQL Injection too (if databases are used).
Another current umber is that phishing increased 180% this year.

A common reason why you won't find detailed data is that each company having such a problem won't tell it, 'cause most likely they keep it confidential as long as possible.

If you try to read a story, see:
 http://www.ccc.de/t-hack/stn/inhlt/drartkl.htm
 http://www.ccc.de/t-hack/
(T-com need diable their business plattform for roughly 250000 customers! without warning them, it's still off-line)
and you see what I mean.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now