SOURCE: Cenzic

December 30, 2008 08:22 ET

Cyber and Web Application Security Vulnerabilities Continue to Threaten National and Economic Security

Cenzic Expects SQL Injection and Cross-Site to Dominate in 2009

SANTA CLARA, CA--(Marketwire - December 30, 2008) - Over the past year, new efforts to hack, terrorize and commit crimes online have become a major pain point for all types of organizations, including government and financial. Not only are hackers smarter and faster, it seems they are now more desperate and determined. Security threats that were once confined to retail and identity industries now have grown to a national security scale.

According to the December 2008 CSIS Securing Cyberspace Report, the Departments of Defense, Homeland Security, Commerce and NASA all suffered major intrusions by unknown foreign entities. "We've seen a few targeted threats over the past year that mark the advent of new types of exploitation of security vulnerabilities and pose threats for the future," said Mandeep Khera, chief marketing officer of Cenzic, Inc. "The attack on the Republic of Georgia's government sites in August and recent attacks on Indian sites reportedly by Pakistani hackers are prime examples of cyber attacks that directly link to national security, and illustrate how an Internet-dependent country such as the U.S. can be drastically affected. Cyber attacks at the national level are no longer theoretical occurrences; they are a legitimate security threat."

Khera believes that these specific incidents over the last year should serve as a lesson to the United States, and that governments and organizations should focus on increasing their defenses against those who would target the country's financial, government, business, air traffic control and military systems. In the coming years, attacks are expected to be attempted from various Asian and European countries at specific sensitive government sites to steal intellectual property and cause major inconvenience and disruptions. Whether these attacks are successful or not will depend on the cyber security measures taken by the new Obama administration.

Research conducted by Cenzic and others estimates that about 7,000 vulnerabilities will be reported for 2008. Of these, over 70 percent are related to Web applications and over 65 percent are easily exploitable. Similar results are expected in 2009, proving that the United States is not prepared for a direct cyber terrorist attack.

"Cyber terrorism attempts of this magnitude are not as difficult as one may think," said Khera. "With the current economic climate, there will be an increase in the number of people willing to take chances on exploiting various vulnerabilities especially in Web sites, and cybercrime is attractive because it is hard to identify the perpetrators. Web application security is now more important than ever, and organizations need to take extra precautions to ensure that security processes are instilled as part of their business practice."

Cenzic, the leading provider of application security vulnerability assessment and risk management solutions, provides customers the most accurate results possible in an automated and cost-effective way to quickly and intelligently assess application security risks across the enterprise. Many of Cenzic's customers are government agencies and Global 2000 corporations that use the Internet to execute key business functions and have large internal development groups; they span the financial services, retail, technology and government sectors.

About Cenzic

Cenzic is the next-generation Web application security assessment and risk management solutions leader. The Cenzic suite of application security solutions fits the need of any company from remote, Software as a Service (ClickToSecure®), for testing one or more applications, to a full enterprise-wide solution (Cenzic Hailstorm® Enterprise ARC) for effectively managing application security risks across an enterprise. Always an innovator, Cenzic has integrated Hailstorm with VMware to enable testing of production Web applications through virtualization -- making Cenzic the only company in the industry with a complete solution for assessing Web applications in all stages from development to production. In addition, Cenzic solutions, targeted at financial services, e-retail, high-tech, energy, healthcare and government sectors, are the most accurate, comprehensive and extensible in the industry, empowering organizations to stay on top of unrelenting application security threats.

Contact Information


Tami Casey
Kulesa PR for Cenzic
(650) 340-1984