Gain free access to otherwise paid-for content
Access sensitive or restricted information
Spy on a user’s web browsing habits
Steal a user’s identity
Defame corporations
Damage Web applications
Launch Denial of Service attacks
APPLICATIONSECURITY
Web-based software components provide a new attack vector that can be used to exploit weaknesses in software quality and business logic in order to:
What is an App?Applications are special software programs accessed and used via the
Internet – from desktops and servers to mobile devices. For consumers,
applications are an easy and efficient way to connect to favorite
websites and productivity tools, but businesses and organizations also
use applications to support mission-critical functions.
Businesses, organizations, and consumers are increasingly
reliant on applications for a variety of different purposes. This
increases the potential for hackers to compromise corporate
data, user privacy, and perform malicious activity.
Applications need to be secureIt’s not a question of “if” but “when” attacks will occur
ProductivityReputationRevenue Expenses Working with law enforcement, recovering systems, and investigating depth of a compromise requires time and resources
Security incidents undermine consumer confidence and impact purchasing decisions
Customers can’t conduct transactions on unavailable websites or applications.
Recovery costs represent additional, unplanned expenses
Identify and prioritize critical applications, test for security, and retest when applications change to protect critical assets.
Incorporate security into your development lifecycle
Apps are used on desktops, servers, laptops, mobile devices, and in the cloud.
*Source: “State of Web Application Security,” Ponemon Institute, 2011
CONSUMERCORPORATION
Types of Applications
85% of U.S. companies have experienced one
or more data breaches*
85%of organizations test
fewer than 25% of applications for vulnerabilities*
66%
Applications are the front door to critical data
Social networking
Webmail
Internet Browser
RSS Readers
Cloud Applications
HR/Payroll
Inventory Management
www.att.com/consulting/security