Brief: Research identifies five key threats to Web 2.0

By SearchSoftwareQuality.com Staff 06 Sep 2007 | SearchSoftwareQuality.com

Software quality news and advice Digg This!     StumbleUpon     Del.icio.us

WatchGuard Technologies, a provider of secure appliances and unified threat management (UTM) solutions, warns that the changing nature and scale of security threats will pose more strenuous challenges for security administrators as they embrace the Web 2.0 world.

Research over the last three years by WatchGuard's Rapid Response team has tracked attack patterns and identified five key threats: DNS system attacks, virus and malware, buggy Web applications, hacking for profit and end users themselves.

According to WatchGuard's survey, many of today's attacks are targeted and done for profit, such as the sale of personal information or blackmail. The focus of Web-based attacks has also shifted to applications running on the Web server and the data systems that back them up by exploiting flaws in Web site design.

While web servers in general are quite stable and secure, the Web sites that run on them are another matter. If not designed properly and securely, a Web site can be used as a platform to attack the data behind it, leading to information disclosure and online fraud.

On the desktop, relatively harmless virus infections have now morphed into a devil's brew of sophisticated viruses, spyware, root kits and botnets. At the same time, attacks such as phishing and drive-by downloads target the most vulnerable portion of the network infrastructure -- its users -- with surprising levels of success.

Tags: Software security testing and techniques,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Software security testing and techniques Is SQL injection really the guilty party in software application vulnerabilities? Web server weaknesses you don't want to overlook Using firewalls for software testing: Pros and cons Beating software's cross-site scripting, authentication problems Free Web proxy security tools software testers should get to know How to get management on board with Web 2.0 security issues Web application security best practices: Tips on implementation Testing strategies for complex environments How to make your software tamperproof Ways to approach application performance testing on a tight budget

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary