
While 73 percent of the organizations in the study have been hacked at least once in the last 24 months, 72 percent of the respondents test less than 10 percent of their applications.

Twenty percent of organizations do not test their web applications for vulnerabilities at all.

Forty percent of organizations test only 5 percent of their Web applications.

The extrapolated average for all Web applications that are being tested by organizations was estimated to be 13 percent. The main reasons for not testing their Web applications are a lack of budget and expertise.

Of those that do test, only 13 percent test their applications in production.

Twenty-one percent of respondents did not know how long it takes to fix one vulnerability and 6 percent say they are never able to fix these vulnerabilities.

Decisions to fix Web application vulnerabilities are made informally (46 percent of respondents) or there is no effort to prioritize (29 percent).

Eighty-eight percent of respondents say the coffee budget is bigger – about $30 per employee per month – than web application security spending.

Sixty-nine percent of respondents rely upon network firewalls to secure Web applications.

Only 29 percent of the IT practitioners believe web application firewalls are critical to security infrastructure.