Penta Security Releases Major Web Attack Trends Report for 2020

web attack trends

SEOUL, South KoreaDec. 9, 2020 — On December 9th, Penta Security released its annual Web Application Threat Trend (WATT) report based on real web application threat data collected and analyzed by Penta Security (WAPPLES) and Cloudbric, the cloud-based security solutions provider dedicated to providing customized and simplified WAF solutions. The resulting WATT Report for the first half of 2020 is a useful tool for enterprises to protect data effectively, particularly following the disruption of operations due to the COVID-19 pandemic.

Key Takeaways 

The report identifies web attack patterns through the latest attack trend analysis and aims to reflect predicted results to WAPPLES and Cloudbric operations, leading WAF providers in the APAC region. Through this report, the companies were able to gain statistical information on major web attacks and an annual increase in extension filtering attacks and SQL injection attacks based on the detection rules of WAPPLES and Cloudbric solutions.

Notable findings from this WATT report include the following: 
  • Most Frequently Detected WAPPLES Rules

The top 5 attacks detected by Penta Security’s web application firewall WAPPLES and Cloudbric were extension filtering, request header filtering, SQL injection, error handling, and URL access control.

  • Detection Figures of OWASP Top 10

The top 10 web attack types selected by OWASP based on the detection log data were analyzed thoroughly by Penta Security and Cloudbric. The result shows that web applications with confidential information are used much more frequently in organizations, making them even more vulnerable to threats.

  • Origin of Attacks by Region & Industry

The highest number of web attacks occurred in Asia, followed by Europe, America, Africa, and Oceania. Distribution and manufacturing industries saw the highest number of web attacks, followed by broadcasting and communication, education, public sectors, and shopping malls. Attacks were mainly targeted at companies where in-house employees hold a substantial amount of confidential information.

  • Objectives & Distribution of Attacks

The main objectives were information leakage and vulnerability scanning, as the frequency of personal information targeted attacks have been increasing dramatically.

The original Web Application Threat Trends report for the first half of 2020, along with more information about Penta Security’s market-leading web application firewall can be found by visiting their official homepage, here.

About Penta Security

Penta Security Systems Inc. is a leader in data, IoT, and blockchain security solutions and services. With 23 years of expertise in powering secured connections, Penta Security is the top cybersecurity vendor in Asia, as recognized by Frost & Sullivan, and APAC market share leader in the WAF industry. Penta Security continues its push for innovation as a pioneer in securing blockchain-based environments. For more information on Penta Security, visit For partnership inquiries, email