Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

web application security

Posted on 2004-08-21
4
Medium Priority
?
163 Views
Last Modified: 2010-04-11
G'day experts,

I need some data, statistics, numbers for internet/web attacks and web application attacks. I have tried CERT (www.cert.org) and got some useful data on internet attacks, however i need a site or source that will give the number of particular types of attacks.

Basically, i need a site or source that does essentially the same thing as CERT, but gives a breakdown of what attacks occured and how many. A site that also gives total web application attaks by year would also be great.

Also, a site that can give numbers on network security attacks and web application attacks by year would be great.


0
Comment
Question by:claracruz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 11859197
Will this help you . These are not from one source but multiple

http://www.onixnet.com/Understand%20Web%20App%20Attacks.pdf

www.nii.co.in/blackhat.ppt

www.blackhat.com/presentations/ bh-europe-04/bh-eu-04-detoisien.pdf

This can lot of info
http://whitepapers.informationweek.com/rlist/term/Web-Application-Security.html -- get some kind of membership

A good book : http://www.webhackingexposed.com/

SR
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11859210
Here is a great site, I think you'll find everything you need on there:

Virus history, security advisories information and statistics, etc..

http://secunia.com
0
 
LVL 4

Author Comment

by:claracruz
ID: 11860668
hello,

where are the figures?????, not one of the sites you gave has any stattistics for web attacks.

i need statistics, as in something like the following;-

the number of web attacks for january = 2000000
                      web application attacks = 199999
                                 network attacks = 1      
                                                       
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 2000 total points
ID: 11860679
AFAIK there is no such site at the moment :-(
There're some organisations which have partial data, but also no complete statistic as you request, try
  http://www.owasp.org/
  http://www.whitehatsec.org/
  http://www.securitcfocus.com/
  http://isc.sans.org/

A number you'll find on a lot of sites is that etimated 80-95% of all web sites are vulnerable to XSS.
Most of them for SQL Injection too (if databases are used).
Another current umber is that phishing increased 180% this year.

A common reason why you won't find detailed data is that each company having such a problem won't tell it, 'cause most likely they keep it confidential as long as possible.

If you try to read a story, see:
 http://www.ccc.de/t-hack/stn/inhlt/drartkl.htm
 http://www.ccc.de/t-hack/
(T-com need diable their business plattform for roughly 250000 customers! without warning them, it's still off-line)
and you see what I mean.
0

Featured Post

Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question