
Biggest Cybersecurity Stories, Breaches and AppSec Lessons of 2017 [Infographic]


2017 wasn't exactly a banner year for AppSec, between WannaCry and the continued prevalence of SQL injection attacks. Here's a list of the not-so-fun memories.


The past year featured daily news about cyberattacks, data breaches, and software vulnerabilities. If it feels like our cybersecurity challenges grow bigger and more complex, year after year, it's more than just a perception. Research from security companies shows that there are more attacks than ever, and organizations have not caught up with the preventive measures needed to meet the challenge.

Web application attacks are the leading cause of confirmed breaches, according to Verizon. Meanwhile, Akamai found in its research for the State of the Internet Security Report that attacks on web applications increased by 69 percent from Q3 2016 to Q3 2017. The number one web application attack vector continues to be SQL injection, and SQL injection attacks increased by 62 percent year over year.

What's even more troublesome is that SQL injection, the number one application risk in the 2017 OWASP Top 10, is also one of the most persistent problems for application security programs. CA Veracode's research for our 2017 State of Software Security (SOSS) report found that 28 percent of applications have a SQL injection vulnerability, a figure that hasn't changed much over the past five SOSS reports.

As these grim statistics prove, application security is more important than ever. Fortunately, one of the takeaways from our SOSS report is that application security programs make a significant difference in reducing risk. For example, the OWASP pass rate of applications improved by 13 percent after the initial scan. And that improvement accelerates over time, with the most mature application security programs seeing a 35 percent better OWASP pass rate than organizations just starting out on their application security journey.

There are many lessons we can draw from the big application vulnerabilities, data breaches, and cyberattacks we witnessed in 2017. The infographic below offers key takeaways from four of the biggest cybersecurity stories of the last year, with security tips that can help organizations prevent these kinds of attacks and breaches in the future. 

[Infographic]



Topics: security, sql injection, cyberattacks, appsec, ransomware

Published at DZone with permission of
