Only one out of every 1,000 cross-site scripting attacks (0.1 percent) progresses far enough to require a security response, according to research released Tuesday by application security company tCell.
The State of In-Production Application Security report, drawn from analysis of more than 30 major enterprise applications in production, shows that over 40 percent of organizations experience account takeover attacks unrelated to software flaws within a single 30-day period. These attacks typically reuse credentials exposed in large breaches, and 85 percent of them succeed in compromising at least one user account.
More than 90 percent of organizations have orphan application routes: API endpoints that have been forgotten but remain reachable. More than a quarter of companies have over 100 such routes, which represent attack surface with no business benefit, according to tCell.
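One practical way to find orphan routes is to compare the routes an application registers with the traffic it actually receives: a route that is declared but never hit over the observation window is a candidate for removal. The script below is an added illustration, not tCell's tooling or anything from the report; the route list and the access-log lines are constructed, and the framework-style route templates (`{id}` placeholders) are an assumption about how routes are declared.

```python
import re
from collections import Counter

# Constructed example: routes as a hypothetical framework would register them.
REGISTERED_ROUTES = [
    ("GET", "/api/v1/users"),
    ("GET", "/api/v1/users/{id}"),
    ("POST", "/api/v1/login"),
    ("GET", "/api/v1/reports/{id}/export"),
    ("POST", "/api/v1/debug/dump"),      # left over from development
    ("GET", "/api/v2/legacy/accounts"),  # superseded endpoint nobody removed
]

# Constructed access-log lines (not real traffic), one request per line.
ACCESS_LOG = """\
10.0.0.5 - - [12/Mar/2018:10:01:02 +0000] "GET /api/v1/users HTTP/1.1" 200 512
10.0.0.5 - - [12/Mar/2018:10:01:09 +0000] "GET /api/v1/users/42 HTTP/1.1" 200 128
10.0.0.9 - - [12/Mar/2018:10:02:11 +0000] "POST /api/v1/login HTTP/1.1" 401 64
10.0.0.9 - - [12/Mar/2018:10:02:15 +0000] "POST /api/v1/login HTTP/1.1" 200 96
10.0.0.7 - - [12/Mar/2018:10:03:40 +0000] "GET /api/v1/reports/7/export?fmt=csv HTTP/1.1" 200 2048
10.0.0.7 - - [12/Mar/2018:10:04:01 +0000] "GET /api/v1/nope HTTP/1.1" 404 0
"""

# Pulls the method and request target out of the quoted request line.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def route_to_regex(template):
    """Turn a template like /users/{id} into a regex that matches exactly one
    path segment per {param} placeholder and escapes everything else."""
    parts = []
    for segment in template.split("/"):
        if segment.startswith("{") and segment.endswith("}"):
            parts.append(r"[^/]+")
        else:
            parts.append(re.escape(segment))
    return re.compile("^" + "/".join(parts) + "$")


def find_orphan_routes(routes, log_text):
    """Return (orphans, hits, unmatched):
    orphans   - registered routes that received no traffic in the log window
    hits      - Counter of requests per registered (method, template)
    unmatched - requests that matched no registered route (probes, typos, 404s)
    """
    compiled = [(method, template, route_to_regex(template)) for method, template in routes]
    hits = Counter()
    unmatched = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue  # skip malformed lines rather than guessing
        method = m.group("method")
        path = m.group("path").split("?", 1)[0]  # drop the query string
        for r_method, template, rx in compiled:
            if method == r_method and rx.match(path):
                hits[(r_method, template)] += 1
                break
        else:
            unmatched.append((method, path))
    orphans = [route for route in routes if hits[route] == 0]
    return orphans, hits, unmatched


if __name__ == "__main__":
    orphans, hits, unmatched = find_orphan_routes(REGISTERED_ROUTES, ACCESS_LOG)
    for method, template in orphans:
        print(f"ORPHAN CANDIDATE: {method} {template}")
    for (method, template), n in sorted(hits.items()):
        print(f"{n:4d} {method} {template}")
    for method, path in unmatched:
        print(f"UNMATCHED: {method} {path}")
```

Zero observed traffic is evidence, not proof, that a route is dead: a long enough window is needed to cover monthly or quarterly jobs, and attacker probing of a forgotten endpoint counts as a hit, so the hits for each candidate should be reviewed before the route is removed. In a real deployment the route list should come from the framework's own route table rather than a hand-maintained list, or the comparison will miss exactly the endpoints nobody remembers.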
“Many enterprise organizations start out thinking they have to replicate the traditional data center security stack for cloud environments,” Michael Feiertag, tCell CEO said in a statement. “The reality is that it’s a different, far more dynamic world, with a lot of effort from the cloud provider on securing that infrastructure. Organizations need to focus on protecting what’s theirs, the application, which enables all of the goodness that is cloud without weighing it down.”
The report's findings, together with the insights about securing production applications that tCell has gathered since it began broad customer deployments last year, underscore the variety of application attack vectors and types, which the company says go beyond the OWASP Top 10.
Along with the report, tCell announced expanded product functionality and platform support. The company now supports enterprise .NET applications, and its latest release adds point-of-attack instrumentation to determine whether command injection attempts have breached the application, as well as field-level encryption for increased data security in regulated industries such as healthcare and financial services.