WhiteHat: Most Web sites are vulnerable now

Data shows at least 82 percent of sites have had a security flaw in the past, and 63 percent are unsecured right now

The vast majority of web sites have a security vulnerability, according to data released Monday by WhiteHat Security, a security and audit provider specializing in web application security.

The latest installment of the WhiteHat Website Security Statistics Report, which contains data collected from WhiteHat enterprise clients between January 1, 2006 and March 31, 2009, finds 82 percent of web sites have had a high, critical or urgent issue over their lifetime. It also states 63 percent of web sites currently have a high, critical or urgent issue, meaning they are unsecured today (See Also: Web Application Security Today: Are We All Insane?).

Social networking sites are responsible for the highest level of vulnerabilities, with around with 82 percent having an urgent, critical or high severity issue. Education sites and IT sites came in second and third, with 76 percent and 75 percent, respectively, having vulnerabilities, the report said. Retail, insurance, pharmaceutical, healthcare, and telecommunications sites also ranked high.

"One of the biggest takeaways from this report is that not all vulnerabilities are created equal, but many are very serious, leaving the door open to exploit sensitive information and cause some serious damage," said Jeremiah Grossman, founder and chief technology officer at WhiteHat Security, in a statement on the findings.

WhiteHat said the top ten vulnerabilities remain largely unchanged from previous reports. Cross-site scripting tops the list. Business logic flaws occupied more than half of the top spots.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags whitehat

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Joan Goodchild

Latest Videos

More videos

Blog Posts