Web App Worms - The Next Internet Infestation

While organizations rush to develop their security policies and implement even a basic security foundation, the professional hacker continues to find new ways to attack. Their attention has reverted to the application-layer, either shrink-wrapped or custom applications, which is commonly the least protected layer of an organization's network. Industry experts estimate that 3/4ths of the successful attacks targeting corporate networks are perpetrated via the application layer. Considering the nature of Web applications that allow access to internal and external audiences, this can pose serious risk to an organization's backend data without the organization even knowing.