Towards an Understanding of Web Application Security Threats and Incidents