WhiteHat Security’s eleventh annual Web Applications Security Statistics Report was compiled using data collected from tens of thousands of websites, reveals that on average the majority of web applications exhibit two or more serious vulnerabilities per application for every industry at any given point in time.
The report’s findings are based on the aggregated vulnerability scanning and remediation data from web applications that use the WhiteHat Sentinel service for security testing. The research shows that no industry has mastered application security, and of the 12 industries analyzed in this report, the information technology (IT), education, and retail industries suffer the highest number of critical or high-risk vulnerabilities per web application, at 17, 15 and 13 respectively.
The findings also highlight that the IT and retail industries struggle to remediate in a timely manner. It takes approximately 250 days for IT and 205 days for retail businesses to fix the software flaws. Additionally, highly regulated industries, such as financial services and healthcare, are not performing significantly better than the rest.