We live in a world where new application security vulnerabilities are discovered daily. Additionally, the advent of botnets and cryptocurrency mining has increased the attractiveness of targets. There are two major techniques attackers use to find vulnerable applications en masse:
- Run scanners against large portions of the Internet to look for common exploits, such as SQL injection, remote command execution, etc. Virtually any poorly coded web application can be vulnerable to these attacks.
- Follow the security feeds for newly discovered vulnerabilities, create exploits, and launch them against every public instance of the application. Well-known platforms like WordPress and Drupal are especially susceptible to such an attack.
There is little debate that the best place to fix security issues is within the application code itself. However, that is not always feasible given the time required.