The average Web application is seriously attacked 59 times over a period of six months — once every third day — according to new research from Imperva, released this week.
The company monitored activity for 50 Web applications, which weren’t named, in their latest Web application attack report (WAAR). The sampling period occurred from December 2011 to May 2012. The data analyzes frequency, type and origins of attacks.
Imperva, an application and database security provider, discovered that the average attack incident lasted seven minutes and 42 seconds, but the longest incident lasted an hour and 19 minutes. SQL injections were the most popular.
“These findings indicate a significant difference between an average Web application attack incident and the upper limit,” said Imperva CTO Amichai Shulman in a press release. “We believe that organizations that are only prepared for an average attack incident may be overwhelmed by larger attack incidents, like a flood bursting through a levy.”
Report data includes:
"The cyberbattlefield looks a lot more like a border keeping mission than total war - most of the time very little happens, but every once in a while there's an outbreak of attacks," said Shulman. "Regardless of the frequency of attacks and peaceful periods, we believe organizations need to be prepared for these bursts of activity during attack incidents."
To download the full report, visit Imperva’s website.