February 2009

If your Internet provider filters incoming e-mail, please add ncxgroup.com to your list of approved senders to make sure you receive NCX Group Security Updates.

WEB APPLICATIONS UNDER ATTACK THROUGHOUT 2009
Web applications are now the most targeted avenue of attack into a company’s business systems, and analysts predict this will continue throughout 2009. The cause? Insufficient security practices and exploitable application code.

What’s disturbing about this prediction is that hackers have been very successful in finding new ways to bypass current security measures by actively analyzing Web applications for vulnerabilities. Their efforts will continue to expose more organizations to significant risk and unless companies maintain consistent security vigilance, the number of breaches is sure to go higher as more hackers gain access to confidential data.

Access is typically achieved through weaknesses or errors in system design, exploited information leakage such as developer comments or messages, Cross-site scripting, SQL Injections, and insufficient access controls, to name a few ways.

How can you remediate and protect your business against attacks? One way to counteract this threat is to conduct application vulnerability testing throughout the lifespan of your application. Web applications are dynamic and many are constantly changing. Web Application Testing will not only find security holes in the software, but verify their absence.

Companies and financial institutions cannot afford to get a false sense of security because of a PCI audit certification. We all have heard about too many companies, such as TJ Maxx and Hannaford Bros. supermarket, which were PCI DSS certified compliant and still got breached. Information security is continually evolving and many companies do not realize that their corporate assets may be exposed.

ISSUE: February 2009


		Subscribe to Security Update

	2009 Reported Data Breaches Keep yourself updated on the latest security breach disclosures


	NCX Vision See What You’ve Been Missing Learn More here >>



	Looking for Managed Security Services? Call us at 888-448-5451 or contact us below

	To have an NCX Group Representative Contact You Email us here

Today’s economy has businesses and organizations facing some very difficult challenges and decisions regarding their budget and direction. But Information Risk Management must be a top priority, more so today than ever before. One breach today, coupled with the expenses incurred from notification, legal activities, and mitigation can be even more devastating– and certainly not something you want your customers to worry about in times like these when credit standings mean so much. NCX Group has developed proven, reliable, and thorough methodologies that are cost effective for the testing and evaluation of today’s Web applications.

We evaluate your application vulnerabilities as well as your site’s exposure to risk. Our testing includes input validation (the main contributor to many attack vectors), poor coding methods, failed configuration management, and discovery of files or resources and directory contents so you can easily identify inherent threats.

Please visit our Web site at www.ncxgroup.com. For a free consultation on how our experts can help you secure your data at a price that will fit your budget, call us at 888-448-5451 or request a representative to call you.

NCX Group, Inc. is a leading information risk management firm specializing in the assessment and mitigation of risk associated with today’s technologies and business processes.

NCX Group, Inc.
5000 Birch Street, West Tower, Suite 3000
Newport Beach, CA 92660
888-448-5451
www.ncxgroup.com