Over 65% of the CVEs Edgescan found in 2020 are more than 3 years old, with 32% dating back to 2015 or earlier
Edgescan, providers of the award-winning Fullstack Vulnerability Management™ range of services, today releases the 2021 Vulnerability Stats Report that, for the sixth year running, offers unique insight into the global security landscape from a trends and statistics perspective, as well as a snapshot of the overall state of cyber security globally. This year’s report takes a deeper look at vulnerability metrics from a known vulnerability (CVE), malware, ransomware and visibility standpoint (exposed services), coupling both internal and public Internet-facing systems.
Some of the key findings include:
• Remote desktop (RDP) and Secure Shell (SSH) exposures increased by 40%, likely because of the rise in remote working due to Covid-19. This resulted in a massive increase in discovery of vulnerabilities such as the infamous BlueKeep (CVE-2019-0708), the critical bug behind the WannaCry attack of 2018
• Of a sample of 1,000,000 endpoints profiled in 2020, 21,070 of the endpoints had an exposed database. This points to a serious lack of asset inventory and visibility
• Over 65% of the CVEs Edgescan found in 2020 are more than 3 years old, with 32% dating back to 2015 or earlier
“I am still as passionate as ever in compiling this report and delving into the underlying data. We still see high rates of known (i.e. patchable) vulnerabilities which have working exploits in the wild, used by known nation-states and cybercriminal groups. So yes, patching and maintenance are still challenges, demonstrating that it is not trivial to patch production systems,” said Eoin Keary, CEO and founder of Edgescan.
The value of Edgescan’s data has become more evident as their unique dataset is now a regular part of other annual security analysis reports, such as the OWASP Top 10 and Verizon DBIR.
The edgescan™ SaaS security solution manages thousands of assets across the globe for both enterprise and SME clients, helping them to continuously detect, prioritise, monitor and fix security weaknesses for Internet-facing systems. Due to analyst validation of all discovered vulnerabilities, the solution is highly accurate and virtually false-positive free.