Nine out of ten web applications have security vulnerabilities. This is the rather frightening conclusion of a study released in 2020 by Positive Technologies (http://mng.bz/mOj2), a provider of various security solutions. Obviously, such studies can often be biased toward the business model of those who conduct them, but several other studies from previous years yielded similar outcomes. Here’s a report about one study from as far back as 2009: http://mng.bz/5Qo1.
- The major security risk for web applications lies in their code.
- The problem is industry-wide, and the situation does not seem to be getting better.
Often, a lack of security does not immediately show—until it’s too late and a web application has been successfully hacked. It is therefore mandatory to make web application security a top priority and to use security best practices from the very beginning of a project.