Our website makes use of cookies like most of the websites. In order to deliver a personalised, responsive and improved experience, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. These cookies are completely safe and secure and will never contain any sensitive information. By clicking continue here, you give your consent to the use of cookies by our website.

Wednesday, 15 July 2015 12:59

Almost 50% of enterprise websites are open to attack

Written by 

New online web security tests of over 15,000 business web sites show security against SQL injections is lax, patches for POODLE haven’t been applied and half would fail at PCI compliance

In the race to produce user-friendly interfaces and customer-centred apps businesses are leaving their data wide open to cyber criminals. The Web Application Vulnerability Report 2015 from security vendor Acunetix has found nearly half of web apps contain a high security vulnerability.

The new report on 5,500 companies comprising 15,000 website and network scans, performed on over 1.9 million files by Acunetix’s cloud-based Online Vulnerability Scanner, finds nearly half (46%) of the web applications scanned contained a ‘high security’ vulnerability such as XSS or SQL Injection, while almost 4 in 5 (87%) were affected by a ‘medium security’ vulnerability.


Also many scans found the main superbugs of 2014 have not been patched, especially POODLE and 50% of the organisations scanned would fail at complying with the financial industry’s PCI Data Security Standards.

When it comes to Network Vulnerabilities, administrators are performing better, however the stats are still not reassuring at all. 10% of the servers scanned were found to be vulnerable to ‘high’ security risks, and 50% had a ‘medium’ security vulnerability.

Nick Galea, CEO at Acunetix says: “These are worrying stats, showing businesses are failing in some basic web security areas.…it’s just like leaving your wallet or unlocked phone lying around in a public place. It’s more a question of how long it takes, rather than if at all, before you are compromised.”

Leave a comment

Make sure you enter the (*) required information where indicated. HTML code is not allowed.



255x635 banner2-compressed