WhiteHat Security said that it will soon begin offering a new quarterly publication, "Web Application Security Risk Report." A spokesperson said that the new report will offer "a high-level view of vulnerabilities affecting enterprise Web sites." The report will focus on e-commerce, financial services, healthcare, and similar types of Web sites. The company said that because it assesses the security of hundreds of Web sites each month, it's in the unique position of having an ample amount of current data available to use in publishing the new report.
"We expect these quarterly reports to shed light on prevalent vulnerabilities and help enterprises combat them efficiently. Through this type of industry awareness we expect to see a decrease in the number and severity of vulnerabilities across the board, especially among businesses which take a proactive approach to protecting their Websites," said Jeremiah Grossman, founder and chief technology officer at WhiteHat Security.
Whitehat Security, a member of the Web Application Security Consortium (WASC), said its report will be based on WASC's threat classification system, which breaks down vulnerabilities into 24 classes. The company thinks that the classification system will help make its report more comprehensive. WhiteHat Security will commence publication of the quarterly report in January.