Home / Business Continuity / Web Applications Weakest Spot in Network Defenses per 2017 Cloud Security Report

Web Applications Weakest Spot in Network Defenses per 2017 Cloud Security Report

Alert Logic has released the 2017 Cloud Security Report which analyzes real-world security data to identify cyber-attack trends in attacker behavior and security practices. The report findings are based on data from more than 3,800 cloud, on-premises, and hybrid cloud customers and more than two million security incidents was analyzed over an 18-month period.

Customers in the report data set represent a broad range of industries (452 unique SIC codes) and organization sizes, from small-to-medium-sized businesses to large-scale enterprises. Eighty two percent of customer deployments analyzed hosted workloads in the cloud – either on an Infrastructure-as-a-Service platform or hosted private cloud – and approximately one-third maintained on-premises or cloud hybrid infrastructure.

The report focuses predominately on OWASP Top 10 attack methods, while examining three other significant categories of attack methods – brute-force attacks, server-side ransomware, and undesirable outside reconnaissance. Key finding in the report indicate that: web applications are the soft underbelly of organizations; pure public cloud installations experienced the fewest security incidents; server-side ransomware represented only 2 percent of total incidents; and bad actors like content management systems and e-Commerce platforms.

The report also examines five industry verticals – Finance Services and Insurance; Health Services; Information Technology and Services; Production, Manufacturing, and Logistics, and Retail and Accommodation – to pinpoint prevalent attack vectors and patterns within those sectors.

The complete 2017 Cloud Security Report is available for download from Alert Logic.


Share to...