Skip to header Skip to main navigation Skip to main content Skip to footer

Web Services

Application Services | Technology Services

[View Image] User uploaded custom header image [View Image]

Web site hacks are on the rise and pose a greater threat than the broad-based network attacks that have been giving IT departments fits. Whereas attacks against networks disrupt Internet service and negatively impact companies trying to do business over the Web or private networks, attacks against Web applications threaten to steal critical customer, employee, and business partner information stored in applications and databases linked to the Web.

Generally, “people who build Web applications are optimistic people,” says Gary McGraw, chief technology officer with Cigital Inc., a maker of risk management software. “They don’t consider that someone would try to break their programs.”

Web App Hack Incidents Are Up As Businesses Take Cover

Incident by WASC threat classification

Cross-site Scripting32
Insufficient Authorization15
Credential/Session Prediction14
Insufficient Authentication11
SQL Injection11

View complete list by the Web Application Security Consortium

Web Application Security Resources

The Cross Site Scripting FAQ
Scripts for testing your site to see if it is vulnerable to XSS
SQL Injection Walkthrough
SQL Injection Attacks by ExampleCategories Security

View graphic version