How Machine Learning Helps With Web App Security

 
 
By Karen A. Frenkel  |  Posted 06-30-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    How Machine Learning Helps With Web App Security
    Next

    How Machine Learning Helps With Web App Security

    The percentage of data breaches that used web application attacks has grown rapidly. A new report recommends machine learning tech for web app security testing.
  • Previous
    U.S. Web Apps Are Top Target
    Next

    U.S. Web Apps Are Top Target

    In Q4 2016, the number of web application attacks grew more than 12% globally. The U.S. remained the most attacked country, with a 72% increase from Q3 2016 to Q4 2016.
  • Previous
    Why Hackers Target Web Apps
    Next

    Why Hackers Target Web Apps

    Hackers exploit web applications because they are usually deployed by users, rather than IT, and are a perfect entry point for accessing a company's backend systems.
  • Previous
    First Level of Expertise to Detect Threats
    Next

    First Level of Expertise to Detect Threats

    Level I is based on traditional linear software analysis that can be optimized to quickly detect a long list of vulnerabilities. Even if the analysis is fast and daily, many false positives result.
  • Previous
    Second Level of Expertise to Detect Threats
    Next

    Second Level of Expertise to Detect Threats

    Level II is based on machine learning and provides a deeper analysis to better detect vulnerabilities and reduce false positives. It optimizes the list of vulnerabilities and threats and supports final human interaction.
  • Previous
    Third Level of Expertise to Detect Threats
    Next

    Third Level of Expertise to Detect Threats

    Level III is based on human-augmented analysis. An auditor will finalize the report based on expertise and analysis.
  • Previous
    Machine Learning Strengthens Security Testing
    Next

    Machine Learning Strengthens Security Testing

    By using machine learning, the testing company can create a third layer of expertise so it can better detect potential threats in real time.
  • Previous
    Ratio Between Time and Accuracy
    Next

    Ratio Between Time and Accuracy

    The quality of the report can be measured by the ratio between the time the report is generated and the accuracy of the information. It is easy to generate an analysis that raises red flags for deeper human analysis.
  • Previous
    Dealing With False Positives
    Next

    Dealing With False Positives

    The false positives rate is higher when human intelligence is used to classify threats and when the final report is not delivered quickly. Machine learning technologies can deliver both speed and quality.
  • Previous
    Scan and Analysis Flexibility
    Next

    Scan and Analysis Flexibility

    The scan and analysis flexibility will affect both the cost and quality of web app security testing. When software performs the analysis, it reduces the cost and improves the scalability and quality of the analysis.
  • Previous
    Link Machine Learning With Human Intelligence
    Next

    Link Machine Learning With Human Intelligence

    Machine learning combined with human augmentation provides a good mix of scalability, quality and cost. Machine learning can perform robust vulnerabilities detection where the entire flaw is tested.
  • Previous
    Machine Learning Can Help Keep Costs Down
    Next

    Machine Learning Can Help Keep Costs Down

    Machine learning can reduce the amount of time humans spend on tasks and processes, thereby reducing overall costs.
 

The cyber-security industry will grow from $102 billion in 2015 to $155 billion in 2020, with a compound annual growth rate of 52 percent, according to Frost & Sullivan. But in its report, "How Machine Learning Will Strengthen the Web Application Security Testing Market," the think tank also points to a different trend when it comes to web application attacks: Insecure web applications cause the most data breaches. Quoting Verizon's "Data Breach Investigation Report (DBIR) for 2016," Frost and Sullivan noted that "Although attacks on web applications account for only 8 percent of overall reported incidents (whether they were successful or not), attacks on web applications accounted for over 40 percent of incidents resulting in a data breach, and were the single-biggest source of data loss." Furthermore, the percentage of data breaches that leveraged web application attacks increased rapidly—from 7 percent in 2015 to 40 percent in 2016. In the face of this trend, Frost and Sullivan's report recommends machine learning technology for web application security testing.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register