Study Finds Web Apps Are Often Weak Links in Security Strategies

As browser-based applications continue to mature and offer new features that rival those of native apps, more organizations are using custom web apps to help manage their day-to-day operations. Although these web apps are powerful tools in the modern business ecosystem, they may also constitute security risks according to a recent study conducted by multinational cybersecurity firm Kaspersky Lab.

This study found that in 2017, 73 percent of all successful perimeter breaches were achieved by targeting vulnerable web applications. These findings were based on an analysis of penetration tests conducted on corporate networks by Kaspersky Lab’s Security Services department.

The company’s Security Services department conducts these penetration tests every year to help their clients identify potential vulnerabilities in their network infrastructures. Last year, the testing team found that insecure web applications were by far the most common weaknesses they encountered.

Publicly-available management interfaces with weak login credentials were another common weakness identified in this round of penetration testing. Kaspersky Lab’s security technicians were able to gain the highest available network privileges by targeting these interfaces in 29 percent of external penetration tests.

These results demonstrate that many organizations, both private and public, still have plenty of work to do to stay abreast of the latest cybersecurity threats. Without adequate testing, our most useful applications can easily become our greatest liabilities. To learn more about the benefits of thorough, professional application testing, feel free to give us a call or contact us online today!