- 2010 saw the largest number of vulnerability disclosures in history, up 27%. This increase has had a significant operational impact for anyone managing large IT infrastructures. More vulnerability disclosures can mean more time patching and remediating vulnerable systems.
- 49% of the vulnerabilities disclosed in 2010 were web application vulnerabilities. The majority of these were cross-site scripting and SQL injection issues. These vulnerabilities represent just the tip of the iceberg since many organizations develop third-party applications in-house that are not subject to public vulnerability reports.
- Many exploits are publicly released tens or hundreds of days after the public disclosure of the vulnerabilities they target, indicating that attackers may be able to make use of exploit code long after patches have been made available.
- Bot network activity continued to grow in 2010. In addition, the term "Advanced Persistent Threat" became an everyday part of the corporate security lexicon after high-profile attacks on corporate enterprises by sophisticated, targeted attackers.
- Emerging trends like cloud computing and the proliferation of mobile devices continue to raise security concerns. Security has become a major influencer in the adoption of these technologies in corporate environments.
> http://www.indexel.net/actualites/le-rapport-x-force-d-ibm-tire-la-sonnette-d-alarme-3327.html