Every year, new vulnerabilities are revealed. Some of which get exploited and add to the global 'threat inflation'.
The count for 2020 reached 4,168 high-risk vulnerabilities, 10,710 medium risk vulnerabilities, and 2,569 low-risk vulnerabilities, for a total of 17,447 recorded vulnerabilities, exceeding the total set in 2019.
So we don't need a fortune teller to tell us that this trend will continue into 2021. We need to think about what is fundamentally wrong with our Vulnerability Management practice and why, despite our investments, we're continuing to be more vulnerable. The answer lies in the way we prioritize these vulnerabilities - we can't deal with thousands of critical and high-risk vulnerabilities - we need to know which of them are actually exploitable and focus just on those. It's possible.
There is a group of heroes whose stories go untold, for whom songs are not sung and holidays are not dedicated. But they are pillars of our society, maintaining the stability and structure of our way of life alongside the teachers, policemen, doctors, and other guardians of good who uphold the order and improve our lives. Who are these people?
To all our cyber security professionals working around the clock to keep us safe - you have our gratitude. We carry on knowing we are protected, companies can continue to do business without succumbing to threats or fear, and we know you deserve our respect, even if sometimes it starts with just a little bit...
Information Technology (IT) is a lot like archeology. There are layers of legacy beneath the surface made by people that are no longer around.
The difference is that with IT, these layers of dated technology can backfire. In other words – everything in IT, whether known or not, can and will be used against you in the course of a breach. These skeletons in the IT-closet can come back to haunt you.
But no one really knows what’s down there and it’s not documented. So what’s the solution to unearth and mitigate these past subterranean breachable exposures?
Answer: Automated Penetration Testing will reveal these weaknesses in seconds, network-wide.