Remediation rates for security flaws have been gradually declining, which is a worrisome sign as app-related security breaches escalate. According to recent research by WhiteHat Security, which analysed data collected from security scans of over 17 million applications, organizations have recognized the importance of vulnerability detection but have failed to follow through on resolving security issues after they are uncovered.
The downward trend in remediation rates is surprising, since a growing number of organizations are making security testing a priority.
Poor app remediation rates pose severe security threats
WhiteHat Security isn’t the only organization that has addressed problems with app vulnerability remediation. Their report is among the most recent, but Deloitte, Edgescan and other organizations have made similar revelations.
The risks associated with app security issues are too grave to ignore. A report from Positive Technologies found that inadequate web app security was responsible for 75% of network penetrations. Another study published earlier this year found that 46% of websites had high security vulnerabilities, which was largely due to app security flaws. The discovery of app security flaws coincides with a 38% increase in SQL injection attacks.
Since many security breaches are caused by security vulnerabilities in web apps, remediation needs to be a top priority moving forward.
What remediation measures should organizations take?
Organizations need to take a variety of measures to deal with web app security risks. The following findings have been highlighted by multiple independent web security reports, which suggests they warrant the most attention.
Security analysis must be performed during the development stage of enterprise applications - Security issues are sometimes introduced during updates or patches after the initial app is released. However, the majority are caused by coding imperfections during the development process.
Application vulnerabilities can be resolved much more easily if they are discovered during the development stage. The problem is that organizations don’t make security testing a priority until the production stage or later. One analysis by Deloitte showed that 63% of applications are never tested for security flaws at all.
Organizations should assign security experts to screen apps during the development process. Their findings could significantly reduce the time and resources needed to remediate issues down the road.
The remediation process should emphasize screening the most distinctive blocks of code in any given app - Web applications have created a strange paradox in the security arena: they account for only 19% of all known security risks, yet they account for 70% of the high-risk security vulnerabilities. This explains why web security flaws are the underlying cause of 75% of security breaches across all attack vectors, even though network vulnerabilities are much more prevalent.
Why are web applications responsible for most high-risk security flaws? The underlying issue is their uniqueness, which application security experts sometimes refer to as “the snowflake effect.”
Every time a new app is released, it contains unique code patterns. Hackers make a habit of studying applications to identify vulnerabilities in that code that were previously undetected. They focus their efforts on the aspects of the app that are most unique, since code that resembles other apps will already have been scrutinized and its security issues remediated.
Organizations should adopt the same approach, paying close attention to unique parts of the application code and urgently addressing any vulnerabilities that come to light.
Pay close attention to the container infrastructure
Many application security issues are caused by flaws within the container infrastructure. Developers need to make Docker container monitoring a key focus. O’Reilly Media has identified the biggest risks with containers, which include:
- Kernel exploits
- Poisoned images
- Denial of service attacks
- Container breakouts
The Docker container monitoring process should include looking at log collectors, storage issues and the user interface. The risk of web app security breaches can be minimized considerably by taking these precautions.
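As an added example (not from the article or from O’Reilly Media), the following POSIX sh lint checks a `docker run` command line for options that weaken the isolation guarding against the four risks listed above and reports each finding under the matching risk. It assumes the whole command line is passed to the function as one string, and it treats an image that is not pinned to a `@sha256:` digest as exposed to image poisoning.

```shell
#!/bin/sh
# Audit a "docker run ..." command line (passed as a single string) for
# settings that undermine container isolation. Findings are printed as
# "<risk>: <detail>" and the total is left in AUDIT_FINDINGS.
audit_docker_run() {
    # Pad with spaces so every option can be matched as a whole word, and
    # normalise "--opt value" to "--opt=value" for the options we inspect.
    cmd=$(printf ' %s ' "$1" | sed 's/--cap-add /--cap-add=/g; s/--security-opt /--security-opt=/g')
    n=0

    # Container breakouts: flags that hand the container host-level control.
    for opt in --privileged --pid=host --network=host --userns=host --ipc=host; do
        case "$cmd" in *" $opt "*) echo "breakout: $opt"; n=$((n + 1)) ;; esac
    done
    case "$cmd" in
        *"/var/run/docker.sock"*) echo "breakout: Docker socket mounted into container"; n=$((n + 1)) ;;
    esac

    # Kernel exploits: widening the syscall/capability surface exposed to the kernel.
    for opt in --cap-add=ALL --cap-add=SYS_ADMIN seccomp=unconfined apparmor=unconfined; do
        case "$cmd" in *"$opt"*) echo "kernel: $opt"; n=$((n + 1)) ;; esac
    done

    # Denial of service: no memory or process ceilings on the container.
    case "$cmd" in *" --memory"*|*" -m "*) ;; *) echo "dos: no --memory limit"; n=$((n + 1)) ;; esac
    case "$cmd" in *" --pids-limit"*) ;; *) echo "dos: no --pids-limit"; n=$((n + 1)) ;; esac

    # Poisoned images: a mutable tag can be replaced; a digest cannot.
    case "$cmd" in *"@sha256:"*) ;; *) echo "image: not pinned to a sha256 digest"; n=$((n + 1)) ;; esac

    AUDIT_FINDINGS=$n
    return 0
}

# Constructed sample invocations: a risky one and a hardened one.
# (PLACEHOLDER_DIGEST stands in for a real image digest.)
audit_docker_run "docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock nginx:latest"
echo "risky command: $AUDIT_FINDINGS findings"
audit_docker_run "docker run --user 1000:1000 --read-only --cap-drop=ALL --security-opt no-new-privileges --memory=256m --pids-limit=100 nginx@sha256:PLACEHOLDER_DIGEST"
echo "hardened command: $AUDIT_FINDINGS findings"
```

The hardened line also shows the settings a reviewer would expect in place of the flagged ones: a non-root user, a read-only root filesystem, all capabilities dropped, `no-new-privileges`, resource limits and a digest-pinned image.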
Web app remediation is a necessity that requires more attention
WhiteHat Security unveiled some important findings for the web security industry. Web applications are one of the biggest sources of high-risk security issues, but too many organizations have ignored the risks they have created. They must make app vulnerability detection a top concern in the years to come.