Eoin Keary, CEO of edgescan, and Sean Martin from ITSPmagazine, catch up in Dublin, Ireland. Eoin shares some of the key findings captured during their latest vulnerability assessment and management research activities his team of experts performs and the trends and stats of these activities that his firm tracks for their clients around the world.
Assessments are performed against clients from industries including media, pharmaceutical, finance, banking, gaming, gambling, government, and small/medium businesses. Vulnerability data is gathered and sanitized across edgescan's global customer set.
These are a few of the key findings Eoin discusses:
- Roughly 70% of vulnerabilities discovered are in the non-web application layer and 30% are in web applications
- Most of the really bad stuff can be found on the application layer
- Significant amount of vulnerabilities found in application frameworks
- 1 in every 5 assets assessed from a full-stack view had an issue that would cause a PCI-DSS fail
- There are a number of interesting CVE-oriented findings related to age, numbers, severities
Visit edgscan on ITSPmagazine to learn more and to access the free report.