5 Software Vendors Accounting For Almost 25% Of Vulnerabilities In 2019

5 software vendors accounted for 24.1% of all the vulnerabilities in 2019 according to the RiskSense Vulnerability Weaponization Spotlight Report.

Experts Comments

August 28, 2019
Dov Goldman
Director of Risk & Compliance
Panorays
It's not surprising that a few huge companies comprise almost 25% of the vulnerabilities identified so far in 2019. After all, uncountable software solutions incorporate their products and infrastructure. The problem however, goes beyond the single company and affects the entire supply chain. Companies know which vendors they work with – but they don’t know which vendors their vendors work with. It might just be on one or more of these top five vendors. Any company truly concerned about.....Read More
It's not surprising that a few huge companies comprise almost 25% of the vulnerabilities identified so far in 2019. After all, uncountable software solutions incorporate their products and infrastructure. The problem however, goes beyond the single company and affects the entire supply chain. Companies know which vendors they work with – but they don’t know which vendors their vendors work with. It might just be on one or more of these top five vendors. Any company truly concerned about information security and privacy should be assessing and managing the risk their vendors security posture. What is new is the need to identify fourth parties – the vendors' subcontractors. Automated solutions that discover fourth parties and accurately identify their entire digital asset base can be a tremendous help in truly understanding risk when loading or sharing sensitive data in any software system or web service. Without this kind of technology, companies are literally "flying blind" - they don't know the infosec risk of their digital supply chain.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.