Anúncio
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report

Check these out next

Cyber Security # Lec 4
Cyber Security # Lec 4
Kabul Education University
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
SaraPia5
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware Disaster
Spanning Cloud Apps
Roadmap to security operations excellence
Roadmap to security operations excellence
Erik Taavila
Security Operations Center
Security Operations Center
MDS CS
Gabriel Gumbs - A Capability Maturity Model for Sustainable Data Loss Protection
Gabriel Gumbs - A Capability Maturity Model for Sustainable Data Loss Protection
centralohioissa
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
North Texas Chapter of the ISSA
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Sirius
1 de 11

Edgescan 2021 Vulnerability Stats Report

24 de Feb de 2021
Baixar para ler offline
Internet

A deck discussing the the findings from the Edgescan 2021 Vulnerability Stats Report. A full stack view of the vulnerabilities discovered in 2020 based on thousands of assessments. Host, network and application layer security metrics -Full stack

Eoin Keary
CEO / Founder edgescan em edgescan
Anúncio
Anúncio
Anúncio

Recomendados

Tictaclabs Managed Cyber Security ServicesTictaclabs Managed Cyber Security Services
Tictaclabs Managed Cyber Security ServicesTicTac Data Recovery218 visualizações11 slides
Managed Cyber Security ServicesManaged Cyber Security Services
Managed Cyber Security ServicesMichael Bowers100 visualizações7 slides
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT Innovators1.8K visualizações19 slides
Next-Generation SIEM: Delivered from the Cloud Next-Generation SIEM: Delivered from the Cloud
Next-Generation SIEM: Delivered from the Cloud Alert Logic 1.7K visualizações15 slides
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...North Texas Chapter of the ISSA1.7K visualizações25 slides
Gain Visibility & Control of IT Assets in a Perimeterless WorldGain Visibility & Control of IT Assets in a Perimeterless World
Gain Visibility & Control of IT Assets in a Perimeterless WorldQualys355 visualizações21 slides

Mais conteúdo relacionado

Apresentações para você(20)

Cyber Security # Lec 4 Cyber Security # Lec 4
Cyber Security # Lec 4
Kabul Education University1.8K visualizações
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
SaraPia586 visualizações
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware Disaster
Spanning Cloud Apps10.7K visualizações
Roadmap to security operations excellenceRoadmap to security operations excellence
Roadmap to security operations excellence
Erik Taavila2.9K visualizações
Security Operations CenterSecurity Operations Center
Security Operations Center
MDS CS119 visualizações
Gabriel Gumbs - A Capability Maturity Model for Sustainable Data Loss ProtectionGabriel Gumbs - A Capability Maturity Model for Sustainable Data Loss Protection
Gabriel Gumbs - A Capability Maturity Model for Sustainable Data Loss Protection
centralohioissa981 visualizações
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
NTXISSACSC2 - Information Security Opportunity: Embracing Big Data with Peopl...
North Texas Chapter of the ISSA2.3K visualizações
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Sirius1.2K visualizações
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup Story
Quest880 visualizações
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-Era
JK Tech642 visualizações
Vendor Landscape: Security Information and Event ManagementVendor Landscape: Security Information and Event Management
Vendor Landscape: Security Information and Event Management
Info-Tech Research Group2.8K visualizações
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO1K visualizações
IT Security Incident Response for NonprofitsIT Security Incident Response for Nonprofits
IT Security Incident Response for Nonprofits
Community IT Innovators492 visualizações
Top 5 Cloud Security Predictions for 2016 Top 5 Cloud Security Predictions for 2016
Top 5 Cloud Security Predictions for 2016
Alert Logic 2K visualizações
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
Greenway Health5.6K visualizações
Big Data Analytics for Cyber Security: A Quick OverviewBig Data Analytics for Cyber Security: A Quick Overview
Big Data Analytics for Cyber Security: A Quick Overview
Femi Ashaye2.6K visualizações
Vendor Landscape: Email Security GatewayVendor Landscape: Email Security Gateway
Vendor Landscape: Email Security Gateway
Info-Tech Research Group1.5K visualizações
The Real Costs of SIEM vs. Managed Security ServiceThe Real Costs of SIEM vs. Managed Security Service
The Real Costs of SIEM vs. Managed Security Service
F-Secure Corporation13.3K visualizações
Cybersecurity framework v1-1_presentationCybersecurity framework v1-1_presentation
Cybersecurity framework v1-1_presentation
Monchai Phaichitchan70 visualizações
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
NTXISSACSC2 - Texas CISO Council - Information Security Program Essential Gui...
North Texas Chapter of the ISSA2.1K visualizações

Similar a Edgescan 2021 Vulnerability Stats Report(20)

Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
TechBiz Forense Digital1.1K visualizações
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
Dean Iacovelli148 visualizações
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence Services
TechBiz Forense Digital2K visualizações
VeriSign iDefense Security Intelligence ServicesVeriSign iDefense Security Intelligence Services
VeriSign iDefense Security Intelligence Services
TechBiz Forense Digital11 visualizações
Verisign iDefense Security Intelligence ServicesVerisign iDefense Security Intelligence Services
Verisign iDefense Security Intelligence Services
TechBiz Forense Digital2.5K visualizações
FireEye Use Cases — FireEye Solution Deployment ExperienceFireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment Experience
Valery Yelanin3.4K visualizações
The State of Application Security: What Hackers BreakThe State of Application Security: What Hackers Break
The State of Application Security: What Hackers Break
Imperva580 visualizações
The State of Application Security: What Hackers BreakThe State of Application Security: What Hackers Break
The State of Application Security: What Hackers Break
Imperva490 visualizações
Security Risks: The Threat is RealSecurity Risks: The Threat is Real
Security Risks: The Threat is Real
ePlus809 visualizações
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security report
Cisco Canada581 visualizações
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
Peggy Lawless130 visualizações
Splunk Discovery Day Hamburg - Security SessionSplunk Discovery Day Hamburg - Security Session
Splunk Discovery Day Hamburg - Security Session
Splunk332 visualizações
ITrust Whitepaper: Top 10 vulnerabilitiesITrust Whitepaper: Top 10 vulnerabilities
ITrust Whitepaper: Top 10 vulnerabilities
ITrust - Cybersecurity as a Service161 visualizações
22 need-for-security22 need-for-security
22 need-for-security
Al Balqa Applied University233 visualizações
Jedi mind tricks for building application security programsJedi mind tricks for building application security programs
Jedi mind tricks for building application security programs
Security BSides London513 visualizações
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016
Oscar Romano744 visualizações
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
centralohioissa955 visualizações
Securing Your Small Business NetworkSecuring Your Small Business Network
Securing Your Small Business Network
Anindita Ghatak427 visualizações
Cybersecurity in the Workplace is Everyone's Business Cybersecurity in the Workplace is Everyone's Business
Cybersecurity in the Workplace is Everyone's Business
Symantec194 visualizações
El contexto de la integración masiva de datosEl contexto de la integración masiva de datos
El contexto de la integración masiva de datos
Software Guru422 visualizações
Anúncio

Mais de Eoin Keary(20)

Validation of vulnerabilities.pdfValidation of vulnerabilities.pdf
Validation of vulnerabilities.pdf
Eoin Keary5 visualizações
Does a Hybrid model for vulnerability Management Make Sense.pdfDoes a Hybrid model for vulnerability Management Make Sense.pdf
Does a Hybrid model for vulnerability Management Make Sense.pdf
Eoin Keary4 visualizações
Edgescan 2022 Vulnerability Statistics ReportEdgescan 2022 Vulnerability Statistics Report
Edgescan 2022 Vulnerability Statistics Report
Eoin Keary182 visualizações
One login enemy at the gatesOne login enemy at the gates
One login enemy at the gates
Eoin Keary90 visualizações
Edgescan vulnerability stats report 2020Edgescan vulnerability stats report 2020
Edgescan vulnerability stats report 2020
Eoin Keary68 visualizações
edgescan vulnerability stats report (2018) edgescan vulnerability stats report (2018)
edgescan vulnerability stats report (2018)
Eoin Keary160 visualizações
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
Eoin Keary106 visualizações
Full stack vulnerability management at scaleFull stack vulnerability management at scale
Full stack vulnerability management at scale
Eoin Keary173 visualizações
Vulnerability Intelligence - Standing Still in a world full of changeVulnerability Intelligence - Standing Still in a world full of change
Vulnerability Intelligence - Standing Still in a world full of change
Eoin Keary53 visualizações
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Edgescan vulnerability stats report 2019 - h-isac-2-2-2019
Eoin Keary180 visualizações
Hide and seek - Attack Surface Management and continuous assessment.Hide and seek - Attack Surface Management and continuous assessment.
Hide and seek - Attack Surface Management and continuous assessment.
Eoin Keary113 visualizações
Online Gaming Cyber security and Threat ModelOnline Gaming Cyber security and Threat Model
Online Gaming Cyber security and Threat Model
Eoin Keary600 visualizações
Keeping the wolf from 1000 doors.Keeping the wolf from 1000 doors.
Keeping the wolf from 1000 doors.
Eoin Keary154 visualizações
Security by the numbersSecurity by the numbers
Security by the numbers
Eoin Keary349 visualizações
Web security – everything we know is wrong cloud versionWeb security – everything we know is wrong cloud version
Web security – everything we know is wrong cloud version
Eoin Keary87 visualizações
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
Eoin Keary120 visualizações
Ebu class edgescan-2017Ebu class edgescan-2017
Ebu class edgescan-2017
Eoin Keary823 visualizações
Vulnerability management and threat detection by the numbersVulnerability management and threat detection by the numbers
Vulnerability management and threat detection by the numbers
Eoin Keary152 visualizações
14. html 5 security considerations14. html 5 security considerations
14. html 5 security considerations
Eoin Keary160 visualizações
04. xss and encoding04. xss and encoding
04. xss and encoding
Eoin Keary1.9K visualizações

Último(20)

Hybrid App Development.pdfHybrid App Development.pdf
Hybrid App Development.pdf
Sanjaysharma9946542 visualizações
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
Torsten Lodderstedt0 visão
graphical.pptxgraphical.pptx
graphical.pptx
ssuser055ce60 visão
thai-hi-lo-w88thai-hi-lo-w88
thai-hi-lo-w88
w88 hey2 visualizações
pok-deng-dealer-ao-w88pok-deng-dealer-ao-w88
pok-deng-dealer-ao-w88
w88 hey3 visualizações
informationtech1-180930175759.pptxinformationtech1-180930175759.pptx
informationtech1-180930175759.pptx
jaspreetkaur9080491 visão
Web5 - Open to Build - Block-TBDWeb5 - Open to Build - Block-TBD
Web5 - Open to Build - Block-TBD
SSIMeetup0 visão
National chocolate ice cream day. National chocolate ice cream day.
National chocolate ice cream day.
Shathya11c3 visualizações
HP1022UG.pdfHP1022UG.pdf
HP1022UG.pdf
PkmJkl0 visão
cara_2018_110arunodayamajibatch_dassignment_1seedproductiontech.pptxcara_2018_110arunodayamajibatch_dassignment_1seedproductiontech.pptx
cara_2018_110arunodayamajibatch_dassignment_1seedproductiontech.pptx
AswinVechoor1 visão
ERROR_DETECTION.pptxERROR_DETECTION.pptx
ERROR_DETECTION.pptx
BeniamTekeste2 visualizações
From Sitting to Energising. Where do you want to Be?From Sitting to Energising. Where do you want to Be?
From Sitting to Energising. Where do you want to Be?
CSUC - Consorci de Serveis Universitaris de Catalunya12 visualizações
introduction.pptxintroduction.pptx
introduction.pptx
KelvinDube43 visualizações
Forensics_in_Pakistan_PPT.pptxForensics_in_Pakistan_PPT.pptx
Forensics_in_Pakistan_PPT.pptx
AMIRHAMZA189531 visão
Network Development in the GÉANT ProjectNetwork Development in the GÉANT Project
Network Development in the GÉANT Project
CSUC - Consorci de Serveis Universitaris de Catalunya12 visualizações
COMPUTER .pptxCOMPUTER .pptx
COMPUTER .pptx
anjalisaini7513293 visualizações
GSC20_Session8_Security_Laura_ISOIEC.pptxGSC20_Session8_Security_Laura_ISOIEC.pptx
GSC20_Session8_Security_Laura_ISOIEC.pptx
Olajide Kuku1 visão
Overview of Connected World.pptxOverview of Connected World.pptx
Overview of Connected World.pptx
AnoldKathoKamu2 visualizações
punto-banco-w88punto-banco-w88
punto-banco-w88
w88 hey0 visão
bai-3-cay-mien-bac-w88bai-3-cay-mien-bac-w88
bai-3-cay-mien-bac-w88
w88 hey2 visualizações
Anúncio

Edgescan 2021 Vulnerability Stats Report

  1. Risk Density
  2. Risk Density External Applications 32% High or Critical Risk External Infrastructure 22% High or Critical Risk Internal Applications 50% High or Critical Risk Internal Infrastructure 18% High or Critical Risk
  3. Risk Density – Organization Size 11-100 staff 0.5% Critical Risk 101 -1000 staff 1% Critical Risk 1001-10,000 staff 3% Critical Risk 10,000+ staff 2.5% Critical Risk 11-100 staff 3% High Risk 101 -1000 staff 13% High Risk 1001-10,000 staff 11% High Risk 10,000+ staff 10% High Risk
  4. AppSec Critical Risk Top 10 SQL Injection was first discussed in 1998 by Jeff Forristal, also known by the alias Rain Forrest Puppy
  5. AppSec High Risk Top 10 Cross-Site Scripting was first discussed in 1999 by Microsoft.
  6. Full stack Critical Risk Top 10 PHP is used by 78.9% of all websites with a known server-side programming language…
  7. Most common Risk-Accepted Vulnerability
  8. Mean Time to Remediate – MTTR Critical risk’s IT and Information Security generally does not grow linearly with the size of a business. Larger organizations have more to secure, more data and systems, but generally not relatively more security staff! We believe the size of an organization does not impact speed of security. We believe the size of an organization does not impact speed of security.
  9. Ages of discovered CVE’s 88% of CVE’s are between 0-5 years old. CVE’s from 2015 are the most common.
  10. Malware, Ransomware & CVE’s CVE Relative Occurrence Malware Name/variant CVE-2019-0708 28.90% Bluekeep CVE-2017-0143 26.50% EternalSynergy and EternalBlue Exploit Kit CVE-2017-5638 13.20% JexBoss CVE-2017-5715 9.10% Meltdown / Spectre CVE-2017-10271 6.30% Cryptominer CVE-2018-0802 4.20% EXPLOIT.MSOFFICE.CVE-2018-0802 CVE-2019-2725 3.50% Monero CVE-2017-11882 3.10% Loki Infostealer CVE-2018-12130 1.40% Metldown2 CVE-2018-7600 1.00% #drupalgeddon2 CVE-2018-4878 0.70% SWF_EXPLOYT.BL CVE-2017-0199 0.70% FINSPY CVE-2018-8174 0.70% Monero Miner CVE-2012-0158 0.70% Safe The Most common CVE’s related to Malware and Ransomware were between 1 and 3 years old
  11. Thanks. 2021 Vulnerability Stats Report: https://info.edgescan.com/vulnerability-stats-report-2021 @edgescan www.edgescan.com
Anúncio