By Chris Herrera, CISSP, Senior Security Solutions Architect; Deep Trikannad Sr. Mgr, Product Marketing, Cloud Security; Harry Wan, CISSP, CCSK, Director Cloud Security Professional Services, all of Verizon Media
The OWASP Top 10 list is a recognized industry source for tracking cyber attacks. Historically, the amount and types of attacks we’ve blocked have mirrored OWASP’s results. However, last quarter, our findings and OWASP’s were not in sync. In Q3, we blocked more path traversal (A5:2017-Broken Access Control) attacks than we did for SQL injection (A1:2017-Injection). The total number of the top three types of attacks we monitor (path traversal, SQL injection and XSS), were up by 14% over the last quarter. With all types of attacks increasing, it’s critical that you have a deeper understanding of where the threats are coming from, which are most prevalent, and what you can do to protect your business.
In our Q3 2020 Managed Web Security Report, you’ll learn details on path traversal attacks and best practices for defending against them, gather data on various security threats, including application layer Distributed Denial of Service attacks and learn which countries are the leading sources for attacks.
The advancement of attack tools and low-cost cloud servers has increased the number of less-sophisticated bad actors launching automated attacks using freely available tools that make it easier to exploit common vulnerabilities. So it’s not surprising that according to a recent survey, 92% of IT audit and security professionals said they are seeing an increase in cybercrime.*
Safely serve your customers. Download our latest Managed Web Security Report to see the individual cyber threat trends and how Verizon Media’s security products can help protect your websites, online applications, and API endpoints.