January 22, 2024 at 07:18AM
Orange Cyberdefense analyzed 2.5 million vulnerabilities in their customer’s assets. The Security Navigator 2024 report details 129,395 incidents and 25,076 breaches, offering insights into digital threats and trends. The majority of findings are rated ‘High’ or ‘Medium’, with some remaining unresolved for over 150 days. Download the report for in-depth analysis and guidance on cybersecurity.
From the provided meeting notes, the key takeaways are:
– 2.5 million vulnerabilities were analyzed in customer assets, with a focus on network equipment, desktops, web servers, database servers, and other devices reachable across the Internet or on internal networks. The dataset represented a subset of clients subscribing to vulnerability scanning services.
– The release of Security Navigator 2024 documented 129,395 incidents and 25,076 confirmed breaches, offering critical insights into current digital threats.
– The analysis revealed that a majority of the vulnerabilities were classified as ‘High’ or ‘Medium’ severity, with a significant percentage being ‘Critical’ or ‘High’. There was a notable decrease in the average number of ‘Critical’ or ‘High’ findings compared to the previous year, indicating overall improvement.
– The high numbers of ‘Critical’ and ‘High’ findings were largely influenced by assets running Microsoft Windows or Microsoft Windows Server operating systems.
– The construction industry showed exceptional performance in managing vulnerabilities, with the mining, quarrying, and oil and gas industries reporting the highest number of unique findings per asset.
– Unresolved vulnerabilities continue to persist, with 18% of serious findings being 150 days or older. While most findings are resolved after 90 days, 35% of all findings persist for 120 days or longer.
– The role of ethical hackers in conducting penetration tests to identify vulnerabilities and potential threats was highlighted, emphasizing the importance of leveraging this as part of proactive defense strategy.
– The meeting notes emphasize the value of Security Navigator in providing more detailed analysis on vulnerabilities, pentesting, and other related topics.
These are the main points extracted from the meeting notes. Let me know if there is anything else you would like to highlight or if you need further information.