Edgescan’s 2022 Vulnerability Statistics Report finds it takes organizations an average of two months to patch critical bugs
This week, smart vulnerability management provider Edgescan has published the findings of its 2022 Vulnerability Statistics Report, which for the 7th year running offers a comprehensive view of the state of vulnerability management globally.
The report reveals that organizations are still taking nearly two months to remediate critical risk vulnerabilities, with the average mean time to remediate (MTTR) across the full stack set at 60 days.
High rates of “known” (i.e. patchable) vulnerabilities that have working exploits in the wild, used by the known nation-states and cybercriminal groups are not uncommon.
Remote access exposures across the attack surface are a worrying trend and accounted for 5% of total attack surface exposures in 2021.
Crucially, 57% of all observed vulnerabilities are more than two years old, with as many as 17% being more than five years old. These are all vulnerabilities that have working exploits in the wild, used by known nation-state and cybercriminal groups. Edgescan also observed a concerning 1.5% of known, unpatched vulnerabilities that are over Read more:https://bit.ly/3vZUMLr