In its inaugural 2023 Offensive Security Vision Report, NetSPI unveils findings that highlight vulnerability trends across applications, cloud, and networks.
Vulnerability patterns
The report offers a look back — and forward — at some of the most significant vulnerability patterns of the past year to help security and business leaders focus discovery, management, and remediation efforts on the riskiest vulnerabilities most likely to exist on their attack surface.
According to the NIST National Vulnerability Database, the vulnerability count has steadily increased year-over-year for the past five years – and shows no signs of slowing down. This, coupled with the reality of burnt-out security and development teams, creates an imminent need for prioritization.
The report analyzed over 300,000 anonymized findings from thousands of pentest engagements, spanning more than 240,000 hours of testing, to identify the most prevalent vulnerabilities across various industries — which include healthcare, retail, finance, and manufacturing.
Today, offensive security is only as valuable as its ability to help you prioritize remediation of the issues that matter most to your business.
Barriers to timely and effective remediation
Lack of resources, vulnerability prioritization, and business priorities were reported as the top three barriers to timely and effective remediation. The trend across all three? Security teams need support prioritizing the increasing number of vulnerabilities present in their environment.
Business and human context remains necessary to overcome vulnerability prioritization challenges, yet teams remain short-staffed.
What researchers have found:
On average, the highest volume of critical and high severity