« One character mistake knocks .se TLD offline | Main | OWASP Publishes Transport Layer Protection Cheat Sheet »

WASC Announcement: 2008 Web Application Security Statistics Published

The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2008. This initiative is a collaborative industry wide effort to pool together
sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape.

The statistics was compiled from web application security assessment projects which were made by the following companies in 2008 (in alphabetic order):

    * Blueinfy
    * Cenzic with Hailstorm
    * DNS with WebInspect
    * Encription Limited
    * HP Application Security Center with WebInspect
    * Positive Technologies with MaxPatrol
    * Veracode with Veracode Security Review
    * WhiteHat Security with WhiteHat Sentinel

The statistics includes data about 12186 sites with 97554 detected vulnerabilities.


If you represent an organization that performs vulnerability assessments on websites, particular in those in custom web applications, through a manual or automated process and would like to participate please let us
know. Please contact Sergey Gordeychik (gordey_at_ptsecurity.com).


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!