IBM has announced the release of new solutions to combat web application attacks and to secure the integrity of data processed by web applications.
The latest component is IBM Proventia SiteProtector 8.0, which integrates a consolidated security management system with Rational AppScan, a solution for web application vulnerability and secure code testing.
The company claimed that it includes the ability to correlate application vulnerabilities with potential security events and real-time attacks, enabling organisations to prioritise remediation to immediately address top threats.
As web applications often rely on web services and service-oriented architecture, IBM has integrated the security and governance features of the purpose-built WebSphere DataPower SOA appliances with the centralised management of Tivoli Security Policy Manager.
According to the latest statistics from the IBM X-Force 2009 midyear trend and risk report, which will be released later this month, web application attacks continue to accelerate. It will show that SQL injection attacks rose by 50 per cent in Q1 2009 as compared with Q4 2008, and nearly doubled in Q2 at 96 per cent as compared with Q1.
The report concludes that the most common intent of web application attacks are to steal and manipulate data and take command and control of infected visitors.