The Cyber Research Databank

The purpose of web application security testing is to find any security weaknesses or vulnerabilities within an application and its environment, to document the vulnerabilities, and to explain how to fix or remediate them. The business drivers behind the testing may be requirements of corporate policy, security requirements mandated by the corporate financial auditors or an internal audit department, compliance requirements for PCI or other industry standards, or compliance with regulatory standards such as Sarbanes-Oxley or HIPAA (Lepofsky). Application security is the key risk area for exploits, and exploits of applications can be devastating.

Full Report Here

 

 

 

Source: Cyber DB