1. Web Applications: An attractive target for hackers
How do you cost effectively defend web applications from hackers? Your organization relies on mission critical business applications that contain sensitive information about customers, business processes and corporate data. Moving away from proprietary client/server applications to web applications gives you a simpler, cost-effective, highly extensible delivery platform. These applications are more than a valuable tool to power your business operations; they are also a valuable and vulnerable target for attackers.
Web applications are increasingly the preferred targets of cyber-criminals looking to profit from identity theft, fraud, corporate espionage, and other illegal activities. The impact of an attack can be significant, and include:
o Costly and embarrassing service disruptions
o Lost productivity
o Stolen datav
o Regulatory fines
o Angry users
o Irate customers
In addition to protecting the corporate brand, federal and state legislation and industry regulations are now requiring web applications to be better protected.
As you take action to protect web applications in a timely and effective manner, you must balance the need for security with availability, performance and cost-effectiveness. Protecting web applications requires both zero-day protection and rapid response with minimal impact to operations without impacting performance or changing system architectures.
2. Web applications are increasingly vulnerable.
Rapid growth leads to emerging problems
The number of corporate web applications has grown exponentially and most organizations are continuing to add new applications to their operations. With this rapid growth come common security challenges driven by complexity and inconsistency. New awareness into web application vulnerabilities, thanks to organizations such as the Open Web Application Security Project (OWASP), has helped organizations identify application security as a priority. But according to a June, 2006 survey (www.symantec.com/ about/news/release/article.jsp?prid=20060919_01), while 70 percent of software developers indicated that their employers emphasize the importance of application security, only 29 percent stated that security was always part of the development process.