- Products & Services
- Knowledge Base
The area of cyber security exposure is still in the web application layer; 19% of application vulnerabilities are either high or critical risk, compared to just 2% of network vulnerabilities.
DUBLIN, IRELAND, February 22, 2019 /24-7PressRelease/ -- edgescan, a leader in fullstack vulnerability management via its cloud based SaaS released their "Vulnerability Stats Report 2019" which describes both internal and external facing risks faced by typical organisations across the entire stack from a cyber security standpoint.
Key items covered are:
edgescan research has uncovered that vulnerabilities which are over 20 years old still exist in live Internet facing systems. 81.58% of systems had at least one CVE (Common Vulnerability) and 20.57% of systems assessed had more than 10 CVE's.
81% of all vulnerabilities in enterprise IT systems are network vulnerabilities and only 19 percent are application vulnerabilities, but the area of exposure is still in the application layer; 19% of application vulnerabilities are either high or critical risk, compared to just 2% of network vulnerabilities.
According to their research, it takes an average enterprise about 69 days to patch a critical web application vulnerability and 65 days to patch the same in its infrastructure layers.
The edgescan research go on to cover off exposed services facing the Public Internet. In 2018 they discovered over 750 exposed databases, 7,625 Remote Desktop Services (RDP).
In relation to compliance, edgescan a certified PCI ASV, describes that 68% of all vulnerabilities discovered had a CVSS score of above 4.0 which results in a PCI compliance fail.
The full report can be downloaded here
edgescan Fullstack Vulnerability Management™ helps companies to get the most from their vulnerability scanning and management requirements.
edgescan provides unparalleled vulnerability detection & continuous system visibility.
With thousands of systems under vulnerability management globally across numerous industry verticals edgescan is a leader in validated vulnerability intelligence.
# # #