Need help? Chat now!
Search results for:
A recent report released by the managed security services provider Solutionary shows that "failures in patch management of vulnerable systems have been a key enabler of cybercrime\, "according to an_ article published by Network World. Additionally, the article indicates that the firm has concluded that "botnet attacks" are the "_biggest single threat_" against organizations, according to their annual _Global Threat Intelligence Report.
Solutionary compiled a large amount of data to populate their report, which, according to the article, included a "_year's worth of scans of customers' networks gathered through 139,000 network devices, such as intrusion-detections systems, firewall, and routers, and analyzed about 300 million events_" and a total collection of "_3 trillion logs_" related to these types of attacks. The article indicates that "_Qualys, Nessus, Saint, Rapid7, nCircle, and Retina_" are some of the products Solutionary uses to generate these scans. According to the article, the firm also investigated "_the latest exploit kits used by hackers_" which included "_exploits from as far back as 2006_".
One statement from Solutionary's Global Threat Intelligence Report was quoted in the article saying, "Half of the exploitable vulnerabilities we identified have been publicly known for at least two years, yet they remain open for an attacker to find and exploit. In addition, the data indicates many organizations today are unaware, lack the capability, or don't perceive the importance of addressing these vulnerabilities in a timely manner." The firm found through its data collection that it often "took an organization up to 200 days to bring things up to snuff in terms of remediation and patch management" which resulted in these issues later on, according to Network World. Don Gray, Chief Security Strategist at Solutionary, was quoted in the article to say, "There's kind of a 'throw it over the wall' mentality.
Read more about the Solutionary report in the complete article and learn what concerns have been raised during the process.
Written by Bryon Turcotte / March 31, 2014