We are proud to share our security report for in-production web applications. This report summarizes key threats that tCell, a Next Gen Cloud WAF and Rasp tool, came across in Q2 of 2018. The data in this report has been collected, aggregated, compiled, and anonymized from actual production application traffic in the AWS and Azure cloud ecosystems.
Key trends discovered includes:
- 90% of active applications had a known CVE, while 30% of applications had a critical CVE during this time period
- There was an average of 2,900 orphaned routes or exposed API end-points per application
- On average, it took 34 days for an organization to patch their most critical CVEs
This report was designed to uncover new areas of risk to application security and confirm the presence of threats, vulnerabilities, and security incidents that teams had previously only suspected. We hope that you can leverage the findings in this report to better protect your organization against these emerging threats.