New study by Barracuda shows WebApp as one of the biggest security challenges in companies. Malicious bots, broken APIs and supply chain attacks are putting enterprise application security under pressure. The study “The state of application security in 2021” shows that companies need to do a lot more to ensure their web application security.
How are companies doing in terms of application security? How many times have organizations been the victim of application vulnerability attacks in the past 12 months? And which new threats are increasingly challenging those responsible for IT security? Answers to these and other questions are provided by the current survey by Barracuda, which the cloud security specialist carried out among 750 participants around the world on the status of application security in companies.
Cloud security specialist Barracuda launched a survey
Overall, the results of the study The state of application security in 2021 show that companies have to do significantly more for their web application security than before in order to protect themselves against threats. Effective protective measures are particularly necessary against newer threats such as bot attacks, API attacks and attacks on the supply chain.
Key findings from the survey
On average, the surveyed companies were successfully attacked twice in the last 12 months as a direct result of an application vulnerability.
- 72 percent of respondents said that their company had been attacked several times, or at least once, because of an application vulnerability.
- 32 percent (EMEA 29 percent) say their organization has suffered two security breaches due to an application vulnerability.
- 14 percent (EMEA 10 percent) were attacked three times due to application vulnerabilities.
Web app security goes beyond protecting multiple attack vectors.
- The respondents named malicious bots (43 percent / EMEA 47 percent), attacks on the software supply chain (39 percent / EMEA 32 percent), the detection of vulnerabilities (38 percent / EMEA 42 percent) and security as the greatest challenges for application security of APIs (37 percent / EMEA 40 percent).
Bot-based attacks are the most likely cause of successful security breaches due to application vulnerabilities.
Companies see it as difficult to successfully fend off bot attacks again and again (Image: Barracuda).
- Forty-four percent (EMEA 44 percent) of respondents said that in the past 49 months, bot attacks contributed to a successful security breach that exploited a vulnerability in the company's applications.
"Web applications have emerged as the top attack vectors in recent years, and the rapid shift to remote working in 2020 has amplified that," said Tim Jefferson, SVP, Engineering for Data, Networks and Application Security, Barracuda. “Enterprises are struggling to keep up with the pace of these attacks, especially with newer threats such as bot attacks, API attacks, and supply chain attacks. Intelligent security solutions are needed here more than ever to effectively close the security gaps that have arisen.”
The details of the study
The survey, conducted by independent researcher Vanson Bourne, includes responses from 750 people in their company responsible for application development and security. Respondents were from organizations with 500 or more employees in the US, EMEA, and APAC.
More at Barracuda.com
Via Barracuda Networks Striving to make the world a safer place, Barracuda believes that every business should have access to cloud-enabled, enterprise-wide security solutions that are easy to purchase, implement and use. Barracuda protects email, networks, data and applications with innovative solutions that grow and adapt as the customer journey progresses. More than 150.000 companies worldwide trust Barracuda to help them focus on growing their business. For more information, visit www.barracuda.com.