Solved

web application security

Posted on 2004-08-21
4
152 Views
Last Modified: 2010-04-11
G'day experts,

I need some data, statistics, numbers for internet/web attacks and web application attacks. I have tried CERT (www.cert.org) and got some useful data on internet attacks, however i need a site or source that will give the number of particular types of attacks.

Basically, i need a site or source that does essentially the same thing as CERT, but gives a breakdown of what attacks occured and how many. A site that also gives total web application attaks by year would also be great.

Also, a site that can give numbers on network security attacks and web application attacks by year would be great.


0
Comment
Question by:claracruz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 11859197
Will this help you . These are not from one source but multiple

http://www.onixnet.com/Understand%20Web%20App%20Attacks.pdf

www.nii.co.in/blackhat.ppt

www.blackhat.com/presentations/ bh-europe-04/bh-eu-04-detoisien.pdf

This can lot of info
http://whitepapers.informationweek.com/rlist/term/Web-Application-Security.html -- get some kind of membership

A good book : http://www.webhackingexposed.com/

SR
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11859210
Here is a great site, I think you'll find everything you need on there:

Virus history, security advisories information and statistics, etc..

http://secunia.com
0
 
LVL 4

Author Comment

by:claracruz
ID: 11860668
hello,

where are the figures?????, not one of the sites you gave has any stattistics for web attacks.

i need statistics, as in something like the following;-

the number of web attacks for january = 2000000
                      web application attacks = 199999
                                 network attacks = 1      
                                                       
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 11860679
AFAIK there is no such site at the moment :-(
There're some organisations which have partial data, but also no complete statistic as you request, try
  http://www.owasp.org/
  http://www.whitehatsec.org/
  http://www.securitcfocus.com/
  http://isc.sans.org/

A number you'll find on a lot of sites is that etimated 80-95% of all web sites are vulnerable to XSS.
Most of them for SQL Injection too (if databases are used).
Another current umber is that phishing increased 180% this year.

A common reason why you won't find detailed data is that each company having such a problem won't tell it, 'cause most likely they keep it confidential as long as possible.

If you try to read a story, see:
 http://www.ccc.de/t-hack/stn/inhlt/drartkl.htm
 http://www.ccc.de/t-hack/
(T-com need diable their business plattform for roughly 250000 customers! without warning them, it's still off-line)
and you see what I mean.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
disable USB on Dell Printers 14 36
Display which user(s) is logged in to Access DB over the network 3 46
AD architecture diagram 5 60
sftp vs SendThisFile 9 49
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question