Software Vulnerability Snapshot
A Three-Year Analysis of the 10 Most Common Web and Software Application Attacks
What’s Inside
The Synopsys tests shed light on persistent vulnerabilities that remain significant challenges to web and software application security, especially the top vulnerabilities related to
- Information disclosure/leakage and privacy
- Misconfigurations
- Insufficient transport layer protection
The tests also underscore the ongoing dangers posed by vulnerable third-party libraries and the need for robust software supply chain security in software development environments, where well over 90% of software contains open source.
Industries Represented
Sixteen industry verticals are represented in the report, including software and internet, financial services, insurance, business services, manufacturing, media and entertainment, and healthcare.
Tests Included
Application security (AppSec) tests performed include penetration testing, dynamic application security testing, and mobile application security testing—all designed to probe running applications the way a real-world hacker would.