Europe’s Top Insurance Providers have been found to have security weaknesses within their web application architecture, according to the latest research by Outpost24.
The 2021 Web Application Security for Insurers Report analysed the web applications of the top 10 European insurance providers, as listed by ADV Rating, and found that every insurer had some degree of vulnerability or security weakness.
In fact, it was discovered that the top EU insurers run a total of 7,611 internet exposed web applications over 1,920 domains, with 3% of them considered suspicious (e.g. testing environments). Furthermore, nearly one in four (23%) of the applications identified are found to be using old components containing known vulnerabilities that could be exploited. This is particularly concerning as web applications remain the biggest source of data breaches. It’s no surprise as they carry a plethora of complexities from a variety of attack vectors presenting potential for serious vulnerabilities.
Insurance providers of late have come under intense attack from hackers. Recent ransomware hits on big names include AXA’s 3TB sensitive data leak and US CNA Financial which was forced to pay $40m to regain network control. There is no better time for insurers to take a magnifying glass to examine their own application attack surface, especially against the most common attack vectors as revealed in The Outpost24 report through aggregated risk scoring.
This enables insurance security teams and developers to compare and benchmark their attack surfaces and ..
Support the originator by clicking the read the rest link below.
