Indusface, a TCGF II (Tata Capital) funded, rapidly growing Application Security SaaS company, today released its State of Application Security Q2, (April-June) 2023 Report.
The insights revealed point to a staggering surge in cyberattacks, with Indusface’s robust AppTrana network successfully blocking over 947 million cyberattacks in India, out of a global total of 1.1 billion. This figure reflects a sharp escalation of 90% in the frequency of cyberattacks on Indian websites during Q2, 2023, as compared to Q1, 2023, which recorded 500 million attacks.
Particularly targeted sectors included Banking and Insurance, with the Healthcare sector also being heavily affected, as each website in the sector encountered Bot attacks. The prevalence of Bot attacks rose by 48% in Q2 (88 million attacks) compared to Q1, 2023 (59 million attacks), underlining the pervasive nature of this threat.
DDoS attacks also increased significantly, seeing a 75% upswing from the previous quarter globally. Following India, the countries from which the most attacks originated were the United States and the United Kingdom.
Sharing his views, Ashish Tandon, CEO of Indusface, said, “The India story is an exciting one and looks like even the bad actors have noticed it. While we track the growth in attacks worldwide, no other major geography saw an increase of 90% on attacks.”
He further added, “DDoS continues to be the #1 threat vector. Enterprises continue to prioritize application availability for legitimate users and risk DDoS attacks as the implications of false positives are significant. This is because most methods to combat DDoS don’t adapt well enough especially when there are bursts in traffic on legitimate use cases such as a year-end tax return filing.”
“We have been able to address this problem well for our customers with AppTrana. The Anti-DDoS capability in the platform adapts to user behaviour and greatly reduces false positives.” Concluded Ashish.
Additional Insights:
- Virtual Patching on the Rise: Customers are increasingly adopting virtual patching at the Web Application Firewall (WAF) level to bolster their defences against cyber threats.
- Vulnerabilities: A total of 33,000 critical, medium, and high vulnerabilities were identified, underscoring the need for robust security measures.
- Long-standing Vulnerabilities: Concerningly, 31% of the vulnerabilities remained open for more than 180 days, exposing 1729 critical and high vulnerabilities for potential exploitation.
- Core Rules and Custom Rules: 41% of attacks were blocked using AppTrana’s core rules set, while 59% were blocked using custom rules, signifying the significance of managed services and custom rules for security teams worldwide.
- Top Vulnerability Categories: In Q2, 2023, the most prevalent vulnerability categories were Cross-Site Scripting (XSS), HTML Injection, and SQL Injection, as compared to Q1, 2023, which saw Cross-Site Scripting (XSS), Server Side Request Forgery Detected, and HTML Injection as the top three categories.
- Global Cyberattacks: The total number of DDoS attacks worldwide reached 872,105,826, while bot attacks amounted to 88,186,868, emphasizing the scale of the cyber threat landscape.
About Indusface:
Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 5000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine.
Indusface, funded by Tata Capital Growth Fund II, is the only vendor to receive 100% customer recommendation rating three years in a row and is a global customer choice in the Gartner Peer Insights™ Web Application and API Protection (WAAP) Report 2023. Indusface is also a “Great Place to Work” 2022 Winner in the Mid-Size category in India and is PCI, ISO27001, SOC 2, GDPR certified and has been the recipient of many prestigious start-up awards.
