According to research conducted by CAST, a software analysis and measurement company, 70% of retail and 69% of financial services applications shown to have data input validation violations.
Findings indicate that government IT had the highest percentage of applications without any input validation violations (61%), while independent software vendors came in last (12% without violations). Even more surprising, the data showed that the financial services industry has the highest number of input validation violations per application (224).
As of June 21, 2014, it is estimated that 309,197 public web servers still remained vulnerable. In addition, another report reveals that input validation attacks were exploited in 80% of attacks against applications in 2013 in the retail industry. One of the casualties registered was the eBay data breach, which resulted in hackers gaining access to over 145 million user records and a federal investigation.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now