home_banner `

Content Icon

IANS Vulnerability and Breach Update: Q2 2019

July 3, 2019 | Faculty Reports | Data Breaches | By Mike Saurbaugh, IANS Faculty

Vulnerabilities and breaches are mainstream news regularly. With a new vulnerability seemingly discovered daily, which should be taken more seriously (i.e., patch now!) and which are overhyped? In this quarterly research report, IANS Faculty Mike Saurbaugh updates clients on the top vulnerabilities and breaches from the past quarter and provides some real-world context and perspective.
IANS

 SUBSCRIPTION REQUIRED


Already a client?

Log In to Continue

Not a client?

Request More Information

Related Research

IANS Vulnerability and Breach Update: Q3 2019

Vulnerabilities and breaches are mainstream news regularly. With a new vulnerability seemingly discovered daily, which should be taken more seriously (i.e., patch now!) and which are overhyped? In this quarterly research report, IANS Faculty Mike Saurbaugh updates clients on the top vulnerabilities and breaches from the past quarter and provides some real-world context and perspective.

Overview of Common Themes in 2018 Data Breaches

2018 data breaches had several commonalities. Almost three quarters (71%) were financially motivated, 56 percent took months or longer before they were discovered, 32 percent involved phishing, 29 percent used stolen credentials, and 25 percent were motivated by gain of a strategic advantage.

Vulnerability Exception Form Template

Exceptions must sometimes be made during the vulnerability management process. This template uses a simple reporting-analysis-approval workflow to document the details of an exception to a vulnerability management process, the proposed workaround/mitigation strategy, analysis and approval process. 

Bug Bounties: A Case Study

More organizations are standing up bug bounty programs as an alternative or supplement to traditional penetration testing. In this report, IANS Faculty George Gerchow offers some lessons learned from creating a bug bounty at his company, as well as tips for success.