web application security

G'day experts,

I need some data, statistics, numbers for internet/web attacks and web application attacks. I have tried CERT (www.cert.org) and got some useful data on internet attacks, however i need a site or source that will give the number of particular types of attacks.

Basically, i need a site or source that does essentially the same thing as CERT, but gives a breakdown of what attacks occured and how many. A site that also gives total web application attaks by year would also be great.

Also, a site that can give numbers on network security attacks and web application attacks by year would be great.

Who is Participating?
ahoffmannConnect With a Mentor Commented:
AFAIK there is no such site at the moment :-(
There're some organisations which have partial data, but also no complete statistic as you request, try

A number you'll find on a lot of sites is that etimated 80-95% of all web sites are vulnerable to XSS.
Most of them for SQL Injection too (if databases are used).
Another current umber is that phishing increased 180% this year.

A common reason why you won't find detailed data is that each company having such a problem won't tell it, 'cause most likely they keep it confidential as long as possible.

If you try to read a story, see:
(T-com need diable their business plattform for roughly 250000 customers! without warning them, it's still off-line)
and you see what I mean.
Will this help you . These are not from one source but multiple



www.blackhat.com/presentations/ bh-europe-04/bh-eu-04-detoisien.pdf

This can lot of info
http://whitepapers.informationweek.com/rlist/term/Web-Application-Security.html -- get some kind of membership

A good book : http://www.webhackingexposed.com/

Here is a great site, I think you'll find everything you need on there:

Virus history, security advisories information and statistics, etc..

claracruzAuthor Commented:

where are the figures?????, not one of the sites you gave has any stattistics for web attacks.

i need statistics, as in something like the following;-

the number of web attacks for january = 2000000
                      web application attacks = 199999
                                 network attacks = 1      
All Courses

From novice to tech pro — start learning today.