Indusface, a TCGF II (Tata Capital) funded, rapidly growing Application Security SaaS company, recently released its State of Application Security Q4, 2022 Report. The report is the outcome of analysis of more than 1400 applications and over 829 million cyberattacks that Indusface AppTrana network blocked in the Q4, 2022, globally. 59% of the websites attacked are in India.
From a revenue perspective, mid-market companies with revenues between $10 million to $1 billion have been subjected to 45% of the cyberattacks and only 21% were large enterprises with over $1 billion in revenue. On the other hand, small businesses accounted for 34% attacks which implies that every business is at risk of such attacks.
The ability to create custom rules has stood out as a key enabler of cyber security. On an average, each enterprise deploys 48 custom rules, and 60% of all attacks were blocked using these custom rules. The report also highlights the increase in ‘virtual patching’ as a measure to protect applications at the Web Application Firewall level. DDoS attacks affected 32% of all apps during the last 60 days of the observation period.
Speaking about this, Ashish Tandon Founder& CEO, Indusface, said, “In this quarter, we saw almost 20 applications of a healthcare customer get targeted by DDoS attacks. We also saw a SaaS application hit with a 2TB attack. In both the cases, the attacks were quickly thwarted with AI sending out anomaly alerts and a managed services team deploying surgical rules. By bundling managed services in the AppTrana WAF, we guarantee zero false positives. No wonder that 99% of applications on AppTrana are always in block mode.”
The top three segments vulnerable to the attacks are banking, insurance, and other finance companies, followed by IT services and manufacturing companies. SaaS/IT products and Retail/e-commerce also have a decent representation of 9% each. As far as the region is concerned, 59% of the websites are inIndia, followed by 23% in the US and Canada.
Indusface AppTrana is the only application firewall that takes inputs from application scans and penetration testing to provide real-time cyber security against application vulnerabilities. With AppTrana, security teams get a single pane of glass view on the number of open application vulnerabilities and the protection status. This risk-based approach undertakes weekly or even daily scans to identify vulnerabilities and patch them on the web application firewall in real-time.