39% Application Error Message 30% Cross Site Scripting Vulnerability 10% Sensitive Information Leakage 7% Browsable Web Directory 5% Blind SQL Injection 3% Source Code Disclosure Vulnerability 2% ASP.NET Debug Feature Enabled 2% DOM-Based Cross Site Scripting Vulnerability 1 % SQL Injection Vulnerability 1 % OS Command Injection SQL Injection CRITICAL 91% HTTP Basic Authentica- tion Enabled 7% Invalid TLS/SSL Certificate 1% Others 1% Cross Site Scripting Vulnerability HIGH 97% HTML Injection 1% Cross Frame Scripting 1% Others 1% Application Error Message MEDIUM 60% Unencrypted view state in ASP.NET 2.0 could leak sensative information 16% Browsable Web 11% Source Code Disclosure 5% Others 5% www.indusface.com/infographic VADODARA MUMBAI BANGALORE DELHI Indusface brings to you a first of its kind report on the, “State of Application Security in India”. This report is an analysis of the vulnerabilities data collected by Indusface’s flagship web application security solution IndusGuard. State of Application Security in India 11 Years 700+ 2.9 Million 4.5 Billion 10,180 19,500 Vulnerability Type by Severity Indusface is a privately-held, award winning, innovative, visionary, fast growing information security company, trusted by fortune 500 organizations across the globe and catering to more than 600 customers worldwide across different verticals. 2014 India Top 10 Vulnerability Type Vulnerabililty Trending -25 -20 -15 -10 -5 0 5 10 15 20 25 30 35 XSS Vulnerability Trend -60 -30 0 30 60 90 120 150 SQL Vulnerability Trend -40 -20 0 20 40 60 80 100 Sensitive Information Leakage Vulnerability Trend -50 0 50 100 150 200 Source Code Disclosure Vulnerability Trend