Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

WASC Announcement: 2008 Web Application Security Statistics Published

From: announcements () webappsec org
Date: Fri, 16 Oct 2009 13:50:23 -0400 (EDT)

The Web Application Security Consortium (WASC) is pleased to announce
the WASC Web Application Security Statistics Project 2008. This
initiative is a collaborative industry wide effort to pool together
sanitized website vulnerability data and to gain a better understanding
about the web application vulnerability landscape.

The statistics was compiled from web application security assessment
projects which were made by the following companies in 2008 (in
alphabetic order):

    * Blueinfy
    * Cenzic with Hailstorm
    * DNS with WebInspect
    * Encription Limited
    * HP Application Security Center with WebInspect
    * Positive Technologies with MaxPatrol
    * Veracode with Veracode Security Review
    * WhiteHat Security with WhiteHat Sentinel

The statistics includes data about 12186 sites with 97554 detected
vulnerabilities.

http://projects.webappsec.org/Web-Application-Security-Statistics

If you represent an organization that performs vulnerability assessments
on websites, particular in those in custom web applications, through a
manual or automated process and would like to participate please let us
know. Please contact Sergey Gordeychik (gordey_at_ptsecurity.com).

Regards,
- Sergey Gordeychik 
http://www.webappsec.org/ The Web Application Security Consortium


----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: