{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Secunia_Half_Year_Report_2010

Secunia_Half_Year_Report_2010 - Secunia Half Year Report...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Secunia Half Year Report 2010
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Letter from the CEO - An Alarming Trend for End-Users I would like to welcome you to the first release of the Secunia Half Year Report. In this report we look at the evolution of the security threat posed by vulnerabilities over the last five years, and provide an outlook for 2010 based on the data of the first six months of this year. The overall conclusion is that despite considerable security investments, the software industry at large still proves unable to produce software with substantially less vulnerabilities, highlighting the continued need for Vulnerability Intelligence and Patch Management. Further, the report shows an alarming development in 3rd party program vulnerabilities, representing an increasing threat to both users and business, which, however, continues to be greatly ignored. This trend is supported by the fact that users and businesses still perceive the operating system and Microsoft products to be the primary attack vector, largely ignoring 3rd party programs, and finding the actions to secure these too complex and time-consuming. Ultimately this leads to incomplete patch levels of the 3rd party programs, representing rewarding and effective targets for criminals. Key highlights of the Secunia Half Year Report 2010: ± Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the more than 29,000 products covered by Secunia Vulnerability Intelligence was observed. ± A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on average for 38 percent of all vulnerabilities disclosed per year. ± In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the number is expected to almost double again in 2010 to 760. ± During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009 has already been reached. ± A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24 3rd party programs installed than in the 26 Microsoft programs installed. It is expected that this ratio will increase to 4.4 in 2010. In order to aid in the development of further protection mechanisms against the vulnerability threat, Secunia is currently testing a technology, which can update a broad variety of programs from a number of different vendors. This technology will be incorporated into the Secunia Personal Software Inspector (PSI) 2.0, which is currently undergoing a technology preview, and it is our intention that Secunia PSI with Auto Updating will significantly improve the security of home users’ PCs. The Technology Preview and Beta stage is expected to take another 4-5 months, followed by the final release in late 2010. Vendors who are interested in securing end-users PCs are most welcome to contact Secunia for more information.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}