WhiteHat Security Website Security Statistics Report

 

WhiteHat Website Security Statistics Report
Winter 2011, 11th Edition
Measuring Website Security: Windows of Exposure

WhiteHat Security's 11th Website Security Statistics Report presents a statistical picture gleaned from over five years of vulnerability assessment results taken from over 3,000 websites across 400 organizations under WhiteHat Sentinel management. This represents the largest, most complete, and unique dataset of its kind. WhiteHat Security makes this report available specifically for organizations that aim to start or significantly improve their website security programs and to prevent breaches and data loss.

Top 3 Key Findings (Full list available in the report)

  • Most websites were exposed to at least one serious* vulnerability every day of 2010, or nearly so (9–12 months of the year). Only 16% of websites were vulnerable less than 30 days of the year overall.

  • During 2010, the average website had 230 serious* vulnerabilities.

  • In 2010, 64% of websites had at least one Information Leakage vulnerability, which overtook Cross-Site Scripting as the most prevalent vulnerability by a few tenths of a percent.

Figure 1. 2010 at a Glance – Sorted by Industry
The average number of serious* vulnerabilities per website, the percentage of reported vulnerabilities that have been resolved (Remediation Rate), and the average time a website is exposed to at least one serious vulnerability (Window of Exposure).


* Serious Vulnerabilities: Those vulnerabilities with a HIGH, CRITICAL, or URGENT severity as defined by PCI-DSS naming conventions. Exploitation could lead to breach or data loss.

For more information download a complete copy of the report ››› PDF

 

Fall 2010 – 10th Edition – Website Security Statistics Report
Download a PDF of the report (2.19 MB) ››› PDF
Listen to the Webinar (50 minutes) ›› WebEx
Download a PDF of the presentation (2 MB) ››› PDF

Spring 2010 – 9th Edition – Website Security Statistics Report
Download a PDF of the report (1.25 MB) ››› PDF
Listen to the Webinar (43 minutes) ›› WebEx
Download a PDF of the presentation (1.9 MB) ››› PDF

Fall 2009 – 8th Edition – Website Security Statistics Report
Download a PDF of the report (1.25 MB) ››› PDF
Listen to the Webinar (53 minutes) ›› WebEx
Download a PDF of the presentation (1.9 MB) ››› PDF

Spring 2009 – 7th Edition – Website Security Statistics Report
Download a PDF of the report (1.5 MB) ››› PDF
Listen to the presentation (46 minutes) ››› WebEx
Download a PDF of the presentation (1.3 MB) ››› PDF

December 2008 – 6th Edition – Website Security Statistics Report
Download a PDF of the report (998 KB) ››› PDF

August 2008 – 5th Edition – Website Security Statistics Report
Listen to the presentation (68 minutes) ››› WebEx
Download a PDF of the presentation (4.42 MB) ››› PDF
Download a PDF of the report (561 KB) ››› PDF

March 2008 – 4th Edition – Website Security Statistics Report
Listen to the presentation (65 minutes) ››› WebEx
Download a PDF of the presentation (889 KB) ››› PDF
Download a PDF of the report (1.26 MB) ››› PDF


The WhiteHat Website Security Statistics Report provides a one-of-a-kind perspective on the state of website security and the issues that organizations must address to avert attack. WhiteHat has been publishing the report, which highlights the top ten vulnerabilities, vertical market trends and new attack vectors, since 2006.

The WhiteHat report presents a statistical picture of current website vulnerabilities, accompanied by WhiteHat expert analysis and recommendations. WhiteHat’s report is the only one in the industry to focus solely on unknown vulnerabilities in custom Web applications, code unique to an organization, within real-world websites.

WhiteHat issues new installments of the Website Security Statistics Report on a quarterly basis. To ensure the report remains useful and relevant, WhiteHat incorporates feedback and ideas from industry thought leaders and influencers. Based on feedback already received, the latest report includes a comparison of vulnerability prevalence by severity, the top ten vulnerability classes sorted by percentage likelihood, and an outline of the types of technology typically encountered during WhiteHat vulnerability assessments, mapped with the associated vulnerability percentage breakdown.
