Enterprises need to adopt integrated security solutions that can continuously monitor and defend against new emerging cyber-attacks, says Ashish Tandon CEO, Indusface
Increased online usage has also increased the frequency of cyber-attacks which are becoming more severe and damaging in nature. Security threats like SQL injection attacks, cross site scripting, and other application errors allow attackers to target the most unsuspecting users through seemingly harmless websites and apps, warns Indusface, a leading provider of application security solutions for web and mobile applications. Therefore, enterprises need to adopt more holistic, integrated security solutions that can continuously monitor and defend against emerging attacks, suggests the company. Indusface offers a unique service – Total Application Security (TAS), an integrated solution which can Detect, Defend and Monitor 24X7. IndusGuard Web Application Firewall is a part of the TAS solution which ensures continuousdefense from known and potentially unknown vulnerabilities
Indusface released afirst of its kind report on the ‘State of Application Security in India 2014’ at the DSCI Annual Information Security Summit 2014. According to the report, the topmost vulnerabilities found in India include application errors (39%), cross site scripting (30%) and sensitive information leakage (10%) with SQL Injection and Cross Site Scripting vulnerabilities being the most critical ones globally. The findings further suggest that about 97-99% of the critical vulnerabilities remain unpatched for over 7 days. This means that CISOs are aware of a vulnerability, which if exploited will almost certainly guarantee financial loss, yet are not able to fix them in the external facing websites for well over a week., while the remaining also take more than 30 days to be addressed.
Mr Ashish Tandon, Chairman and CEO, Indusface says, “Increase in the number of online transactions has increased the risk of website vulnerabilities being exploited by cybercriminals. Stakes are higher for cyber thieves, and are reacting by devising newer ways of breaking into our systems.To protect themselves from such threats, enterprises must look for integrated security solutions that have the capabilities to continuously detect and defend against emerging attack vectors.”
The Indusface report is based on an analysis of the vulnerabilities data collected by Indusface’s flagship web application security solution, IndusGuard. The Indusface team performed about 4.5 billion ethical hacks for its customers in 2014, and identified thousands vulnerabilities for more than 700 customers.
Mr Tandon says,”CIOs must analyze thoroughly before opting for a security solutions provider, as security is a critical component in order to protect the intellectual capital of an organization. At Indusface, we make extra efforts to keep our customers informed about new vulnerabilities and provide them an integrated solution that can detect and defend against security threats 24X7.”
The Indusface team lays emphasis on the need for combining ‘human intelligence’ with security products to offer ‘total application security.’ In the times of socially engineered and persistent attacks, organizations need security solutions that provide hybrid analysis-i.e., web application scanning with a managed web application firewall, which works on behavioral analysis.
Indusface is the first company to guarantee zero WAF false positives i.e. fixing of identified vulnerabilities and ensuring that no legitimate web traffic is affected. Zero WAF False positive, combined with our application layer DDoS protection has been a game changer to the adoption of WAFs globally. Our hybrid solution combines cutting edge application security technology with focused human intervention by security experts seems to be a winning combination that our customers having been waiting for.