Internetblog.org.uk Web hosting, Domain names, Dedicated servers
White Hat Security has release client data indicating that over 60 percent of their clients’ websites have serious vulnerabilities, and websites have an average of seven unfixed vulnerabilities. One of the most serious security flaws fond is the infamous cross-site scripting (XSS). White Hat estimates that there is a 65 percent chance that any given website has XSS bugs.
The average number of vulnerabilities that a website will have over the duration of its existence is 17, ranging from XSS flaws, spoofing bugs, and SQL injection to session fixation. According to White Hat, social networking sites have an 82 percent chance of having security flaws, something that might concern the many millions of people who provide those sites with personal information.
There are two factors that can prevent or slow down the process of sites fixing their security flaws: 1. The amount of effort and time that it takes to find the flaws that could be scattered and numerous, and 2. new vulnerabilities can emerge after old ones are fixed. For this reason, many security flaws go for month unfix or never get fixed at all.
Grossman (CTO of White Hat) says how an organization prioritizes its vulnerability remediation varies from company to company. “How do you judge risk, allocate your resources? You need two strategies — one for the Websites that have not yet been built, and another for ones that are currently live.”
Source: Dark reading
Photo: Flickr
