From RSA 2006: 'Tis the year to cut down vulnerabilities

By

Qualys has set a worthy goal for security companies to chase throughout 2006: cutting the half-lives of vulnerabilities by one-fifth.



Speaking at the 2006 RSA Conference in San Jose on Wednesday, Terry Ramos presented his company's "Laws of Vulnerabilities," pointing out that malicious software continues to increase.

"Malicious code continues to grow," he said, repeating the study's general findings. "New vulnerabilities are announced every week."

Seventy percent of the data for the survey was compiled from global enterprise networks, while 30 percent was taken from random trials, Ramos said. It was based on the results of 32 million network scans from the third quarter of 2002 to the same time in 2005.

Flaws are quickly taken advantage of by malicious users, Ramos added.

"Within days, there are exploits available for 80 percent of vulnerabilities. So, it is a race," he said. "Ninety percent of vulnerability exposures are caused by just 10 percent of critical vulnerabilities."

Time is also of the essence in battling planned attacks, Ramos added.

"Automated attacks create the most damage in their first 15 days," he said.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?