The CompTIA / Incredible Connection Relationship classroom image

Web applications are a necessary tool for conducting business in today's connected world - common examples include online banking or retail websites. At the same time, these applications can be a significant liability to enterprise security. Using just one vulnerability in the public facing interface of a web application, an attacker can devastate a business.


Not only can an attack on a web application affect the back end systems and impact your organisation's compliance posture, it can also put your customer data at risk which can in turn cause a public relations nightmare.

Newly released mid-year Cyber Security Risks Report 2011 offers insights The HP 2011 mid-year edition of the bi-annual Top Cyber Security Risks report (bit.ly/hpentersec) features in-depth analysis on web application vulnerabilities and attacks using data from HP DVLabs, Application Security Center and Fortify security units as well as vulnerability disclosure data garnered from the Open Source Vulnerability Database (OSVDB). Key findings from this report include:

  1. Organisations aren't patching pre-existing vulnerabilities in commercial web apps leaving low hanging fruit for attackers to exploit; and/or
  2. There are a growing number of custom-developed web apps that are rife with vulnerabilities that can't be protected with commercially available security products.

Download the full report here: bit.ly/hpentersec

What's your next enterprise security move?

Now that you've read about all of the most current risks and vulnerabilities, what do you need to do to protect your organisation from them? Get acquainted with HP's Enterprise Security Solutions here: bit.ly/hpesecsol

By Jennifer Lake, Security Product Marketing Manager, HP Networking

Web App attacks at the mid year Web App attacks at the mid year

About HP Enterprise Security Solutions

HP Enterprise Security Solutions combines:

Working in conjunction with a wide spectrum of technology and service partners, HP's Enterprise Security Solutions are designed to reduce risk associated with financial loss, reputation damage, and audit/compliance requirements.

HP Enterprise Security Solutions provide a layered system of defence for the enterprise. HP can help you assess, transform, manage, and optimise across your risk strategy and security operations.