LONDON, Nov. 19, 2015 /PRNewswire/ -- Public Vulnerability Research Market in 2014 : The Evolving Threat Environment During the Internet of Things Era
The Frost & Sullivan analysis of the global public vulnerability research market in 2014 is part of a series of studies compiled from various public sources to analyze the public vulnerability landscape from 2013 to 2014. Vulnerability data is collected, queried, and segmented, resulting in a wealth of information that is intended to provide qualitative commentary on the research industry and to recognize the most prolific disclosers of new vulnerability reports. The top research companies are interviewed to provide industry and technology trends. Within this analysis, Frost & Sullivan has identified key market trends, competitive analysis, and growth opportunities to quantify and evaluate the public vulnerability research market.
Executive Summary—Key Findings
-software vulnerabilities were reported publicly by research organizations in 2014.
o In 2014, critical vulnerabilities that rated in severity amounted to % of vulnerabilities disclosed, which was down from the % reported in 2013.
o High-severity vulnerabilities accounted for % of disclosed vulnerabilities (down from % percent in 2013).
o Medium and low-severity vulnerabilities represented % and % of vulnerabilities disclosed, respectively in 2014. Highlighting that better security measures with improved time-to-patch rate is helping to improve vulnerability severity ratings in 2014.
o HPE had the most verified vulnerabilities reported with proving the veracity of the HPE Tipping Point contributor program.
-Hewlett-Packard Enterprise (HPE) found critical and high-severity vulnerabilities (vulnerabilities are labeled critical severity if they have a common vulnerability scoring system (CVSS) base score of and rated high severity with a CVSS base score of – ). All other disclosing companies accounted for high-severity vulnerabilities.
- Buffer overflow errors were the most common vulnerability flaw in 2013 and remained so in 2014. HPE found incidents of buffer overflow errors in 2014, followed by Verisign iDefense, which found vulnerabilities related to buffer overflow errors.
- In 2014, the top six applications with the most vulnerabilities were Microsoft Internet Explorer, Oracle Java Runtime Environment, Microsoft Windows, Adobe Flash Player, Apple QuickTime, and Adobe Reader.
- Frost & Sullivan counted vulnerabilities (or % of all vulnerabilities) directly related to Web applications.
- SCADA vulnerabilities increased from in 2013 to in 2014.
- Researchers are looking at more than just network-attached endpoints for vulnerabilities. Web applications and browsers, malware, mobile malware, SCADA, and the Internet of Things are increasingly scrutinized.
- Legacy systems and software that are no longer supported are a major concern for IT departments. On April 14, 2014, Microsoft discontinued its technical support for Windows XP on most devices and all PCs. There are an estimated 300 million PCs actively running on XP.
Source: Frost & Sullivan analysis. NFDF-74 11 Research Obj
Download the full report: https://www.reportbuyer.com/product/3398345/
Reportbuyer is a leading industry intelligence solution that provides all market research reports from top publishers