Pravin Madhani, CEO and Co-Founder, Author at K2io

As we approach the end of 2021, we’d like to present our predictions for 2022 for the application security community.  It would be easy to just predict that cyber attacks will continue to increase, that we’ll find more vulnerabilities in production code (after four record years and probably a fifth), and that ransomware will exact a record-setting payment from an organization in the coming year.  Instead, we’ll focus on three predictions that are probably a little less likely, but ones we may still actually see come to pass in the coming year.

A new article in Help Net Security is reporting that attacks on retail industry websites from Q4 2020 through the first half of 2021 were notably higher than all other industries, and were characterized by more sporadic peaks in attacks.  With attacks up on retail sites, and the continued global supply chain crisis, shoppers are sure to have a tougher time finding the presents they are looking for this holiday season.

The proliferation of applications in the wake of COVID, with more employees than ever working from home, should not be a surprise to anyone. The worry, though, is whether organizations have taken security for those newly released applications seriously enough. Security professionals face growing challenges as their organizations increase both the number of applications deployed and the pace at which these applications change. The publication eWeek took a closer look at some of the security implications of application proliferation in a new article.

In addition to OWASP finally updating the Top 10 Web Application Risks, this year MITRE also updated their Top 25 Most Dangerous Software Bugs, also known as the CWE Top 25. One of the interesting things to note about the updated list is that common vulnerabilities still feature prominently, an indication that we've made little progress in improving the security of our web applications, as other recent studies have also indicated.


K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.

