Webinar: The Cyber Attacker’s Advantage

Want to see if Cybriant is right for you?

Try a no-risk free trial today!

Short form

human(Required)
This field is for validation purposes and should be left unchanged.

The Report: Quantifying the Attacker’s Advantage

Tenable Research has just released a report on the difference in time between when an exploit is publicly available for a given vulnerability and the first time that a vulnerability is assessed.

 

For this study, Tenable analyzed the 50 most prevalent critical and high-severity vulnerabilities from just under 200,000 vulnerability assessment scans over a three-month period in late 2017 to anchor the analysis to the real world. We used these vulnerabilities to derive the “time to exploit availability” and “time to assess” to calculate the median delta.

 

Join the webinar: The Cyber Attacker’s Advantage for a LIVE review of the research.

Attackers are racing ahead

Our analysis shows that the median delta was -7.3 days. The median time to exploit was 5.5 days, compared to a median time to assess of 12.8 days. On average, this gives attackers a seven-day head start on the defenders.

 

The delta was negative for 76 percent of analyzed vulnerabilities. So, on a vulnerability-by-vulnerability basis, the attackers seize the first-mover advantage more often than not.

 

When the delta was positive, it was usually because it took so long for an exploit to become available – rather than the defenders’ speedy scanning frequency. The fact that for 34 percent of the analyzed vulnerabilities, an exploit was available on the same day the vulnerability was disclosed is sobering. But it really gets interesting when we drill down into the individual vulnerabilities.

 

Twenty-four percent of the 50 most prevalent vulnerabilities we analyzed are actively being exploited in the wild by malware, ransomware or exploit kits. A further 14 percent were sufficiently critical to be discussed in the media. The sample set contained vulnerabilities being targeted by the Disdain and Terror exploit kits, Cerber, and StorageCrypt ransomware and even by APT groups such as Black Oasis to install the FinSpy surveillance software.

Enterprise-grade managed security services to fit your mission, needs, and budget.

Let our award-winning team make sure your business is safe.

Shoot us a message to start a discussion about how our team can help you today.

Main Contact Form

Areas of interest:
How do you prefer to be contacted?
human(Required)
This field is for validation purposes and should be left unchanged.

“5 star company to work with”

Jessie M.