5 Software Vendors Accounting For Almost 25% Of Vulnerabilities In 2019

5 software vendors accounted for 24.1% of all the vulnerabilities in 2019, according to the RiskSense Vulnerability Weaponization Spotlight Report.


1 Expert Comment
Dov Goldman, Director of Risk & Compliance
InfoSec Expert
August 28, 2019 12:50 pm

It’s not surprising that a few huge companies comprise almost 25% of the vulnerabilities identified so far in 2019. After all, uncountable software solutions incorporate their products and infrastructure. The problem, however, goes beyond the single company and affects the entire supply chain. Companies know which vendors they work with – but they don’t know which vendors their vendors work with. It might just be one or more of these top five vendors. Any company truly concerned about information security and privacy should be assessing and managing the risk of their vendors’ security posture. What is new is the need to identify fourth parties – the vendors’ subcontractors. Automated solutions that discover fourth parties and accurately identify their entire digital asset base can be a tremendous help in truly understanding risk when loading or sharing sensitive data in any software system or web service. Without this kind of technology, companies are literally “flying blind” – they don’t know the infosec risk of their digital supply chain.

Information Security Buzz