NetSPI Reveals Urgency for Enhanced Vulnerability Prioritization

By Stefania Viscusi

NetSPI, a provider of offensive security solutions, released its 2023 Offensive Security Vision Report highlighting vulnerability trends in applications, cloud, and networks.

It analyzed over 300,000 anonymized findings from numerous pentest engagements and identified prevalent vulnerabilities across industries like healthcare, retail, finance, and manufacturing.

The findings are meant to help security and business leaders prioritize discovery, management, and remediation efforts.

"This report makes it abundantly clear that there's still a lot to be done to support and enable the industry to improve vulnerability management," said Cody Chamberlain, Head of Product at NetSPI. "We hope the observations and actionable recommendations throughout our inaugural Offensive Security Vision Report are a great data-driven starting point for security teams to harden their security."

The report revealed that the government and nonprofit industry had the most critical and high-severity vulnerabilities, while the insurance industry had the fewest. It also found that internal networks have three times the number of exploitable vulnerabilities compared to external networks, and that web applications had a higher occurrence of high and critical vulnerabilities compared to mobile and thick applications.

The report uncovered two barriers standing in the way of combating these issues once and for all: lack of resources (70%) and prioritization (60%).

"One narrative made evident from our Offensive Security Vision Report is that vulnerability prioritization is critical," said Vinay Anand, Chief Product Officer at NetSPI. "The reality is that we cannot fix every vulnerability discovered, but if prioritization and support continue to lack, the security industry will fall short. This realization, coupled with the industry experiencing rising burnout rates among developer teams, should evoke a sense of urgency. Our findings can help leaders grasp the severity of the situation to prioritize vulnerability management."




Edited by Greg Tavarez