Hyperguarding your Web Applications

67 Days to Fix a Serious Web Vulnerability?

Posted by hyperguard on November 16, 2009

We recently heard some startling information—WhiteHat reported it takes the industry an average of 67 days to fix Cross-Site Scripting (XSS) issues! They shared this fact during a presentation revealing research on the progress companies are making in Web application security.

According to Jeremiah Grossman, WhiteHat found that 83% of websites have had at least one serious vulnerability, and 64% of websites currently have at least one serious vulnerability, the most prevalent being XSS. Although awareness of XSS is building and companies know how to fix it, Jeremiah says it still takes time to fix the issue. If an organization has a vulnerability for 67 days, it can create a downturn for the website or a loss in revenue. Why is it difficult for some companies to resolve vulnerabilities quickly? This can happen for a number of reasons: the code is old and no one currently at the organization can maintain it, the code was outsourced, or the error does not cause a compliance violation and gets overlooked.

The presentation went on to say that only 30 to 60% of vulnerabilities ever get fixed. Although there is awareness of web application problems, not enough is being done about them. Imagine how an ecommerce site would suffer during the holiday season if it had a web vulnerability for 67 days! This is a common issue and one the cloud computing industry is particularly susceptible to. One of the major uses for cloud services right now is overflow capacity during holidays and other abnormally high web traffic periods. This is the reason we have made hyperguard SaaS for Amazon Web Services available – to allow companies to extend protection into the cloud.


One Response to “67 Days to Fix a Serious Web Vulnerability?”

  1. […] departments, who often compete for resources and exacerbate the issues. In fact, it takes nearly 67 days to fix a vulnerability today. So, what should this new role look […]
