Web Applications May Experience More Than 2,700 Attack Incidents Per Year
(Thomson Reuters ONE) -
Media Contact:
Fitzgerald Barth
(415) 432-2457
fitzgerald.barth(at)lewispulse.com
Third Semi-Annual Web Application Attack Report from Imperva Finds Web
Applications Under Attack One Third of the Time; SQL Injection Remains Most
Popular Vector
REDWOOD SHORES, Calif. - August 7, 2012 - Imperva, Inc. (NYSE: IMPV), a pioneer
and leader of a new category of data security solutions for high-value business
data in the data center, released today the results of the third Imperva Web
Application Attack Report (WAAR), which reveals that the median annual attack
incidents on the 50 Web applications observed was274 times a year, with one
target experiencing more than 2,700 attack incidents.
According to the report, the average attack incident for the observed Web
applications lasted seven minutes and 42 seconds, but the longest attack
incident lasted an hour and 19 minutes. SQL Injection remains the most popular
attack vector.
"These findings indicate a significant difference between an average Web
application attack incident and the upper limit," said Amichai Shulman, CTO,
Imperva. "We believe that organizations that are only prepared for an average
attack incident may be overwhelmed by larger attack incidents, like a flood
bursting through a levy."
The WAAR, created as part of Imperva's ongoing Hacker Intelligence Initiative,
offers insight into actual malicious attack traffic of 50 Web applications over
a period of six months, December 2011 through May 2012. Imperva monitored and
categorized numerous individual attacks across the Internet, as well as attacks
targeting different enterprise and government Web applications. The WAAR
outlines the frequency, type, and geography of origin of each attack to help
security professionals prioritize vulnerability remediation.
Highlights from the report include:
* SQL injection remains most common attack vector: Imperva reviews and
summarizes the cumulative characteristics of Web application attack vectors,
including SQL injection, cross-site scripting (XSS), RFI and LFI, and
observes that SQL injection is the most commonly used attack for the 50
observed Web applications.
* Intensity of attacks increasing: Applications will typically see only some
serious attack action roughly every third day, for a few minutes, but the
attacks may overwhelm the application if the defenses are prepared for only
the average intensity of attack.
* France leads SQL injection: As reported in the previous WAAR report, the
majority of requests and attackers originate in the USA, western European
countries, China and Brazil. However, France has emerged as the leading
source of SQL injection attacks, with the attack volume of requested
originating from France almost four times greater than that of the United
States.
"The cyber battlefield looks a lot more like a border keeping mission than total
war - most of the time very little happens, but every once in a while there's an
outbreak of attacks," said Shulman. "Regardless of the frequency of attacks and
peaceful periods, we believe organizations need to be prepared for these bursts
of activity during attack incidents."
For a full copy of the Web Application Attack Report, visit
http://www.imperva.com/download.asp?id=29.
To sign up for a webinar detailing the report, visit
https://imperva.webex.com/imperva/onstage/g.php?d=796741175&t=a&SourceID=016.
About Imperva:
Imperva is a pioneer and leader of a new category of data security solutions for
high-value business data in the data center. With more than 1,800 end-user
customers and thousands of organizations protected through cloud-based
deployments, Imperva's customers include leading enterprises, government
organizations, and managed service providers who rely on Imperva to prevent
sensitive data theft from hackers and insiders. The award-winning Imperva
SecureSphere identifies and secures high-value data across file systems, web
applications and databases. For more information, visit www.imperva.com, follow
us on Twitter or visit our blog. We're hiring! Help us protect the world's
data: http://www.imperva.com/go/jobs.
Forward Looking Statements
This news release contains forward-looking statements, including without
limitation those regarding Imperva's belief that organizations that are only
prepared for an average attack incident may be overwhelmed by larger attack
incidents and Imperva's belief that organizations need to be prepared for attack
incidents. These forward-looking statements are subject to material risks and
uncertainties that may cause actual results to differ substantially from
expectations. You should consider important risk factors, which include: the
risk that our products are not adopted at levels that we anticipate; the risk
that competitors may be perceived by customers to be better positioned to help
handle Web application attacks; and other risks detailed under the caption "Risk
Factors" in Imperva's Form 10-Q filed with the Securities and Exchange
Commission, or the SEC, on May 11, 2012 and Imperva's other SEC filings. You can
obtain copies of Imperva's SEC filings on the SEC's website at www.sec.gov. We
undertake no obligation to update any of the forward-looking statements
contained herein after the date of this release, whether as a result of new
information, future events or otherwise.
© 2012 Imperva, Inc. All rights reserved. Imperva, the Imperva logo and
SecureSphere are registered trademarks of Imperva, Inc.
# # #
This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.
Source: Imperva Inc. via Thomson Reuters ONE
[HUG#1631611]
Datum: 07.08.2012 - 10:00 Uhr
Sprache: Deutsch
News-ID 172055
Anzahl Zeichen: 6871
contact information:
Kategorie:
Business News
Diese Pressemitteilung wurde bisher 140 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Web Applications May Experience More Than 2,700 Attack Incidents Per Year"
steht unter der journalistisch-redaktionellen Verantwortung von
Imperva Inc. (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
