Symantec says : Web apps and services prove high risk

The report worries about the ‘relative ease of discovering vulnerabilities in Web applications compared to other platforms’. Source code is easily obtained, they are frequently updated, and because there are few restrictions to distinguish valid input from invalid, web applications are ‘susceptible to common types of input validation vulnerabilities, such as cross-site scripting and SQL injection’.

The technologies underpinning Web applications and Web services also give Symantec cause for concern…

Symantec is concerned that in the rush to develop Web services, the underlying Web applications that use them are not receiving the same level of security auditing as traditional client-based applications and services.

‘As Web applications continue to gain in popularity, Symantec expects to see an increase in the number of attacks taking advantage of the interconnected, interactive nature of AJAX to increase the number of potential targets.’

==> I think recent trend suggets that with newer technology and more focus on developing solutions faster rather than robust and secure is bound to create issues in future stability of the product. I keep hearing comments like “AJAX” enabled, hopefully they are secure and manegeable!!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: