While the overall security of web applications has continued to improve, it still leaves much to be desired. Reports state that about 66-94% of all web applications still have a security vulnerability. Key takeaways regarding web applications are below:

  • Hackers can attack users in 9 out of 10 web applications. Attacks include redirecting users to a hacker-controlled resource, stealing credentials in phishing attacks, and infecting computers with malware.
  • Unauthorized access to applications is possible on 39% of sites. In 2019, full control of the system could be obtained on 16%t of web applications. On 8% of systems, full control of the web application server allowed attacking the local network.
  • Breaches of sensitive data were a threat in 68% of web applications. Most breachable data was of a personal nature (47% of breaches) or credentials (31%).