{"id":344,"date":"2015-03-12T03:39:15","date_gmt":"2015-03-12T09:39:15","guid":{"rendered":"https:\/\/cigniti.com\/blog\/?p=344"},"modified":"2021-04-12T13:32:19","modified_gmt":"2021-04-12T08:02:19","slug":"need-hour-security-testing-test-often-test-right","status":"publish","type":"post","link":"https:\/\/www.cigniti.com\/blog\/need-hour-security-testing-test-often-test-right\/","title":{"rendered":"The Need of The Hour In Security Testing \u2013 Test Often And Test Right"},"content":{"rendered":"

2015 has just started and already the Identity Theft Resource Center has reported 101 data breaches with over 80M records stolen<\/a>. The US military Twitter account was recently hacked by terrorists. The Sony data breach is still fresh in our minds. And now millions of WordPress users who have downloaded the WP-Slimstat plug-in have been asked to upgrade to the next version due to a critical flaw that makes sites vulnerable to SQL injection attacks.<\/p>\n

What this teaches us is that even the best of us are not safe from malicious attacks. The only way forward is to test the security of our sites as early and as often as possible.<\/p>\n


Why are our websites vulnerable?<\/strong><\/h3>\n

As hackers find new ways to gain access to our websites, a firewall-based solution is simply not enough. Access controls, cryptography, IPS, IDS, etc. are useful only until hackers find a way to get past them.<\/p>\n

Each day reveals new vulnerabilities, with attackers finding sophisticated ways to breach a website. An average website is attacked 2 to 200 times a day by worms and crawlers that take advantage of any weakness in the site. Compromised websites can be infected with malware, which then infects visitors to the site.<\/p>\n

Sensitive data such as Personally Identifiable Information (PII), Social Security numbers, bank account numbers, credit card data, etc. can fall into the wrong hands. Recovering from an attack can take an average of 7-10 days and cost an average of $3.5M<\/a>.<\/p>\n


What happens when security is compromised?<\/strong><\/h3>\n