
Invicti Security™, known for acquiring and combining AppSec pioneers Netsparker and Acunetix, released the findings of its annual Spring AppSec Indicator Report.

As a pioneer in dynamic application security testing (DAST), interactive application security testing (IAST), and software composition analysis (SCA), Invicti Security commissioned the report to assess the impact and prevalence of modern web vulnerabilities. 

Report findings

The Spring AppSec Indicator Report examines data from over 1.7 million scans and 1,700 Invicti customers and shares insights and trends to guide best practices in vulnerability identification and remediation.

Highlights include:

  • Scanning is steadily increasing, up 50% from 2019 to 2022, as customers are scanning their web applications and APIs more often.
  • The percentage of scans with a severe vulnerability declined 19% year over year: after steady increases in prior years, it fell by 19% from 2021 to 2022.
  • Remote code execution (RCE) vulnerabilities show a significant increase, with the average percentage of apps with RCE flaws up 40% since 2022.
  • The percentage of scans with severe cross-site scripting (XSS) vulnerabilities continues to decline, dropping 12% from 2021 to 2022.

Continuous security testing


“This spring’s AppSec Indicator Report unveiled a key trend: Organisations are scanning a greater portion of their attack surface for vulnerabilities, and scanning them more frequently,” said Invicti’s Chief Product Officer, Sonali Shah.

“By automating testing of their web applications and APIs in development and production and quickly remediating issues found, companies are reducing the risk of a data breach. Continuous security testing is an indispensable feature of a successful AppSec programme.”

Report discussion

The report will be discussed in-depth at the 2023 RSA Conference. If attending, visitors can register to meet the team at booth #N-6265 or attend Invicti’s session, “2023 Vulnerability trends: a Deep Dive to Improve AppSec Programs,” at the Expo Briefing Center booth N-6545 on April 25th at 12:20 PM PT.

The company will also host a webinar about the AppSec Indicator’s findings on May 18th. 
