News and Notes from the Makers of Nexus | Sonatype Blog

Open Source Components, Code Volume Drag Down Web App Security -- New Report from Imperva

Written by Matt Howard | January 05, 2018

 

Jai Vijayan provides a nice summary of the Imperva report, The State of Web Application Vulnerabilities in 2017. Among the findings:

  • 212% = increase in the number of new Web application vulnerabilities disclosed in 2017 compared to 2016
  • 14,082 = number of new vulnerabilities discovered in Web applications in 2017 vs. 6,615 in 2016
  • Security experts point to a handful of causes for the prevailing state of Web application security, including:
    • increasing use by developers of open source components to build applications
    • sheer volume of Web applications being developed and put into production
    • growing adoption of DevOps, agile development, and CI/CD practices

You can read the full report on the Imperva site.