To produce the annual “Application Vulnerability Snapshot” report, Synopsys Cybersecurity Research Center (CyRC) researchers examine anonymized data from commercial software systems and applications tested by Synopsys Application Security Testing (AST) services. This year’s report includes data from 4,398 tests conducted in 2021 on 2,711 targets (i.e., software or systems).
Almost all the tests (95%) were intrusive “black box” and “gray box” tests, including penetration (pen) tests, dynamic application security testing (DAST), and mobile application security testing (MAST) analyses.
Black box testing approaches the target’s security state from an outsider’s perspective, whereas gray box testing simulates an authenticated user with credentials—essentially extending black box testing with deeper insights. The Synopsys AST services tests probe running applications as a real-world attacker would, with the goal of identifying vulnerabilities that could then be triaged and remediated as necessary.
The targets tested were largely web (82%) and mobile (13%) applications, with the remaining 5% either source code or network systems/applications tests. The industries represented included software and internet (32%), financial services (26%), business services (18%), manufacturing (7%), consumer services (7%), and healthcare (6%). The remaining 4% of test targets represented travel and leisure, education, energy and utilities, and other verticals.
相关报告
300页幻灯片图解密评V1.0.0
4208
类型:专题
上传时间:2022-10
标签:商用密码、安全性、图解)
语言:中文
金额:5积分
《商用密码应用安全性评估管理办法(试行)》
3516
类型:经管职场
上传时间:2022-07
标签:商用密码、安全性)
语言:中文
金额:免费
300页幻灯片图解密评V2.0(最新)
2515
类型:专题
上传时间:2023-02
标签:商业密码、安全性)
语言:中文
金额:5积分
400页图解商用密码应用安全性评估(2024版)V2.0.0
1470
类型:政策法规
上传时间:2024-02
标签:商用密码应用、安全性)
语言:中文
金额:5积分
译丛:《提升关键原材料的弹性:增强安全性和可持续性之路》
695
类型:专题
上传时间:2020-12
标签:关键原材料、安全性、可持续性)
语言:中文
金额:免费
TE智库《中国通用大模型内容生成及安全性能力评测》
589
类型:专题
上传时间:2023-07
标签:通用大模型、安全性、内容生成)
语言:中文
金额:5积分
同济大学:智能制造安全研究
223
类型:经管职场
上传时间:2024-01
标签:制造、智能制造、安全性)
语言:中文
金额:30积分
电子书-合作的无人机系统的安全性和可靠性(英)Safety and Reliability in Cooperating Unmanned Aerial Systems
181
类型:电子书
上传时间:2022-07
标签:技术、无人机系统、安全性)
语言:英文
金额:5积分
国际清算银行-Project Tourbillon:探索CBDC的隐私、安全性和可扩展性(英)-2023.11
36
类型:专题
上传时间:2023-12
标签:CBDC、安全性、可扩展性)
语言:英文
金额:5积分
兰德-提高软目标和拥挤场所的安全性-景观评估(英)-2024.3
12
类型:专题
上传时间:2024-04
标签:拥挤场所、安全性)
语言:英文
金额:5积分
积分充值
30积分
6.00元
90积分
18.00元
150+8积分
30.00元
340+20积分
68.00元
640+50积分
128.00元
990+70积分
198.00元
1640+140积分
328.00元
微信支付
余额支付
积分充值
应付金额:
0 元
请登录,再发表你的看法
登录/注册