5 Software Vendors Accounting For Almost 25% Of Vulnerabilities In 2019

By ISBuzz Team
Writer, Information Security Buzz | Aug 28, 2019 04:46 am PST

5 software vendors accounted for 24.1% of all the vulnerabilities in 2019, according to the RiskSense Vulnerability Weaponization Spotlight Report.

Dov Goldman, Director of Risk & Compliance
August 28, 2019 12:50 pm

It's not surprising that a few huge companies comprise almost 25% of the vulnerabilities identified so far in 2019. After all, uncountable software solutions incorporate their products and infrastructure. The problem, however, goes beyond the single company and affects the entire supply chain. Companies know which vendors they work with – but they don't know which vendors their vendors work with. It might just be on one or more of these top five vendors. Any company truly concerned about information security and privacy should be assessing and managing the risk of their vendors' security posture. What is new is the need to identify fourth parties – the vendors' subcontractors. Automated solutions that discover fourth parties and accurately identify their entire digital asset base can be a tremendous help in truly understanding risk when loading or sharing sensitive data in any software system or web service. Without this kind of technology, companies are literally "flying blind" – they don't know the infosec risk of their digital supply chain.
