Wednesday, February 20, 2013

25 years of vulnerabilities: 1988-2012

We at the VRT are always interested in vulnerabilities and information about vulnerabilities. To this end we recently dug into the NVD database and examined data for the last 25 years and used it to map out trends and general information on vulnerabilities in software.

Some of the questions we asked ourselves were:
  • What are the most popular vulnerabilities?
  • Which had the most impact?
  • Which vendors and products suffered from the most issues?
  • Which browser is the best in terms of vulnerabilities found?
  • How many 0-days are found in products?
While the answers to some of these questions are predictable, others are surprising.

We will be presenting the answers to these questions in a talk at RSA Conference San Francisco 2013. If you're attending RSA and are interested in the answers to these questions, please join us on March 1st at 9.00 AM. A report delving into the details will be released after the conference, you can pre-register here and you will receive a link to the report once it's been published.

UPDATE: the full report has now been released, download it here

No comments:

Post a Comment