Attackers don't target the strong points of the network; they go straight for the weakest link, which in many architectures is the Web app itself.
- Information Security Magazine
According to Gartner, over 70% of all security attacks are application attacks and yet only 27% of businesses utilize outside expertise in dealing with application security issues.
Indeed, it's the little things that really matter in security: Each of the two successful cross-site scripting attacks was made possible by a single mistake on a single line of code in the test application.
- eWeek on results of OpenHack IV (won by our new
Chief Security Officer, Jeremy Poteet)