Recommended: System Errors? Click here to Fix your PC »
Since January 2006, Acunetix has been offering a free automated web scan forqualifying websites. Out of a total of 10,000 applications, Acunetix has scanned3,200 sites belonging to either businesses or non-commercial entities.
Alarming results
70% of the websites scanned were found to contain high or medium vulnerabilities.There is an extremely high probability of these vulnerabilities being discovered andmanipulated by hackers to steal the sensitive data these organizations store.
On average 91% of these websites, contained some form of website vulnerability,ranging from the more serious such as SQL Injection and Cross Site Scripting to moreminor ones such as local path disclosure or directory listing.
Approximately 66 vulnerabilities per website were found for a total of 210,000vulnerabilities over the scanned population.
50% of the websites with instances of high vulnerabilities were susceptible to SQLInjection while 42% of these websites were prone to Cross Site Scripting. Otherserious vulnerabilities include Blind SQL Injection, Cross Site Scripting, CRLFInjection and HTTP response splitting, as well as script source code disclosure.
 The results show clearly that the problem of unsafe web applications is beingignored completely, stated Kevin J Vella, VP Sales and Operations of Acunetix. These statistics should compel organizations to take a serious look at theirsecurity infrastructure  the recent hacks into TJX, UCLA and the Dolphin Stadiumare proof enough that the problem is very real and looks like it is here to stay.Companies, governments, and universities are bound by law to protect our data. Yetweb application security is, at best, overlooked as a fad. Without soundingapocalyptic, I believe the 70% figure should send tremors not just ripples in themarket.Â
About Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner ensures website security by automaticallychecking for SQL injection, Cross site scripting and other vulnerabilities. Itchecks password strength on authentication pages and automatically audits shoppingcarts, forms, dynamic content and other web applications. As the scan is beingcompleted, the software produces detailed reports that pinpoint wherevulnerabilities exist.
About Acunetix
Acunetix was founded to combat the alarming rise in web attacks. Its flagshipproduct, Acunetix Web Vulnerability Scanner, is the result of several years ofdevelopment by a team of highly experienced security developers. Acunetix is aprivately held company with headquarters based in Europe (Malta), a US office inSeattle, Washington and an office in London, UK. For more information aboutAcunetix, visit: http://www.acunetix.com; http://www.acunetix.de.
All product and company names herein may be trademarks of their respective owners.
