Eskenzi PR Eskenzi PR
  • About Us
Friday, 23 April, 2021
IT Security Guru
Eskenzi PR
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Global Trends Report Reveals All-Time High of 20,000 Vulnerabilities Last Year

by The Gurus
April 4, 2018
in Editor's News
Share on FacebookShare on Twitter

Flexera, the company that’s reimagining how software is bought, sold, managed and secured, today released Vulnerability Review 2018 – Global Trends, the annual report from Secunia Research at Flexera. The report provides data on vulnerabilities to help companies understand the vulnerability landscape and devise strategies to secure their organizations. Vulnerabilities are a root cause of security issues – errors in software that can work as entry point for hackers, and be exploited to gain access to IT systems.

A Surge in Vulnerabilities

This year’s report reveals a continuing surge in vulnerability growth. In 2017 documented vulnerabilities increased 14 percent to 19,954, up from 17,147 in 2016. This means that companies are being exposed to an escalating number of security risks, underscoring the need to maintain continuous visibility of their software assets and the vulnerabilities affecting them. Companies also need to ensure critical vulnerabilities are prioritized and addressed before exploitation risk increases.

“There’s no question based on this year’s results, the risks remain high,” said Kasper Lindgaard, Director of Research and Security at Flexera. “As the potential for breaches expands, the pressure is on executives to increase vigilance through better operational processes – instead of reacting to risks that hit media headlines and cause disruption. The Equifax breach and WannaCry attacks taught us that.”

Avoiding Attack is Possible: 86 Percent of Patches Available on Disclosure Day

The Flexera report offers hope for companies seeking to minimize their risk of incidents. Patches were available for 86 percent of the vulnerabilities on the day of disclosure. In addition, zero-days – instances in which a vulnerability is exploited before public disclosure – remain rare. Only 14 of the 19,954 known vulnerabilities in 2017 were zero-days, a 40 percent drop from 2016.

“Organizations need to take advantage of this knowledge to remediate most vulnerabilities before risk of exploitation increases,” advised Lindgaard. “But the process cannot be adhoc. Without a consistently applied patching methodology, organizations will slip, leaving vulnerabilities unpatched for long periods. This gives criminals a large window of opportunity to execute their attacks. We advise a formal, automated software vulnerability management process that leverages intelligence to identify risks, prioritize their importance and resolve threats.”

Key Findings from the 2018 Vulnerability Review

  1. In 2017, Secunia Research at Flexera detected 19,954 vulnerabilities discovered in 1,865 applications from 259 vendors. This represents an increase of 38 percent over five years, and 14 percent when compared to the previous year.
  2. 86 percent of vulnerabilities had a patch available within 24 hours of disclosure, compared to 81 percent in the previous year.
  3. The number of zero-days – vulnerabilities exploited prior to public disclosure – dropped to 14, compared to 23 in the previous year.
  4. 17 percent of vulnerabilities in 2017 were ranked Highly Critical, and 0.3 percent as Extremely Critical.
  5. The primary attack vector to trigger an attack was via a remote network at 55 percent.
0 0 vote
Article Rating
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

60% of Critical Infrastructure Operators Say Cyber Security Controls Lacking

Next Post

Intel Says It Won’t Fix Meltdown and Spectre in Some Vulnerable Chips

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

messaging apps - signal

Signal CEO hacks mobile-hacking firm

April 22, 2021
New UK laws to protect IoT devices amid sales surge

New UK laws to protect IoT devices amid sales surge

April 22, 2021
edgescan logo

PRODUCT REVIEW – Edgescan makes fullstack vulnerability management easy

April 21, 2021
The clubhouse app

Armis and UK’s Eseye partner to secure connected devices on any cellular network

April 20, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept