By Thomas Claburn
InformationWeek
November 9, 2009
The number of software vulnerabilities detected has risen to the point that almost 9 out of 10 Web applications have flaws that could lead to the exposure of sensitive information.
Cenzic's "Web Application Security Trends Report Q1-Q2, 2009" report, released on Monday, says that more than 3,100 vulnerabilities were identified in the first half of the year, 10% more than the number identified in the second half of 2008.
Of the vulnerability total, 78% were Web application vulnerabilities, lower than in the second half of 2008 but higher than in the first half of last year.
The SANS Institute's Top Cyber Security Risks report, released in September, found that over 60% of attack attempts on the Internet target Web applications.
Ninety percent of the Web application vulnerabilities were in commercial Web apps and 8% were the browsers that run Web apps, Cenzic's report says.
[...]