Download as PDF, PPTX
Uploaded byKirill Ermakov
Vulners report: comparing vulnerability world 2016 to 2017
The document compares vulnerability trends between 2016 and 2017, finding that while the total number of reported vulnerabilities increased by around 16,000, financial vulnerabilities rose 24% and enterprise vulnerabilities increased 11%. The number of public exploits grew 75% but the total number of public exploits decreased 30% as more became private. Overall, the analysis found that threats increased by double digits annually and that containing the growing flood of vulnerabilities and exploits is challenging.
More Related Content
![[Cluj] CSP (Content Security Policy)](https://cdn.slidesharecdn.com/ss_thumbnails/csp-151026112506-lva1-app6892-thumbnail.jpg?width=640&height=640&fit=bounds)
![Jose Selvi - FIESTA: an HTTPS side-channel party [rooted2018]](https://cdn.slidesharecdn.com/ss_thumbnails/joseselvi-slides-180312223638-thumbnail.jpg?width=640&height=640&fit=bounds)
Similar to Vulners report: comparing vulnerability world 2016 to 2017
![WhiteHat Security Website Statistics [Full Report] (2013)](https://cdn.slidesharecdn.com/ss_thumbnails/wpstatsreport052013-130502135957-phpapp01-thumbnail.jpg?width=640&height=640&fit=bounds)
![WhiteHat’s 12th Website Security Statistics [Full Report]](https://cdn.slidesharecdn.com/ss_thumbnails/wpstatssummer1212th-120702164437-phpapp01-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Jovan Bogicevic - Legacy to AI-Driven Defense: Transforming D...](https://cdn.slidesharecdn.com/ss_thumbnails/rsarluadt563hntyfc8q-3-251211083849-3e7bc4c0-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Vladimir Jelic - The AI-Driven Security Shift From Reactive D...](https://cdn.slidesharecdn.com/ss_thumbnails/6g5gj25mtjwayniqem1t-6-251209104645-7a5a5fc6-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Debmalya Biswas - Agentification: the art of transforming man...](https://cdn.slidesharecdn.com/ss_thumbnails/r5azlggvtqiaiiusrqdr-4-251212103249-5a12c89b-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Dusan Nesic - Securing Tomorrow’s Infrastructure: Why Cyber-P...](https://cdn.slidesharecdn.com/ss_thumbnails/qikbszfftyowjm2q6duw-1-251211083848-8f2ead6b-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Imai Jen-La Plante - The New Generation: AI and the Future of...](https://cdn.slidesharecdn.com/ss_thumbnails/kxi8t2l5rggivgcenyba-1-jenlaplante-dsc-251208152532-d1e076c2-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Aleksandra Dragicevic - AI-Boosted Research in Healthcare: Fr...](https://cdn.slidesharecdn.com/ss_thumbnails/iqwngszurf2r7pi1lnnj-4-aleksandra-dragicevic-ad-dsc-europe-conference-20-251208151905-37c3238a-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Behzad Hosseini - AI Agents in the Wild: Deploying Models tha...](https://cdn.slidesharecdn.com/ss_thumbnails/3qtejajvsjqrzwfept2c-10-251212103250-7f2b1068-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Dobrica Cosic - Savings by the Second: How Dynamic Pricing an...](https://cdn.slidesharecdn.com/ss_thumbnails/znp09f3smtqz3w2sq6wn-1-dobrica-cosic-savings-by-the-second-how-dynamic-pricing-and-smart-data-are-bu-251208151905-26e6f41e-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Milan Zdravkovic - The road less traveled in District Heating...](https://cdn.slidesharecdn.com/ss_thumbnails/nfaboniqwsz4ucyctnmy-2-milan-zdravkovic-dsc2025-the-road-less-traveled-in-district-heating-operation-251208151905-f56388a5-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Dragana Ilic - AI for Big Data in Astronomy.pptx](https://cdn.slidesharecdn.com/ss_thumbnails/8palya86qaatvjhva1ms-2-dragana-ilic-ai-ilic-251208151906-652b819c-thumbnail.jpg?width=640&height=640&fit=bounds)
![[DSC Europe 25] Sara Polak - The Archaeology of Innovation: AI as the Next Cr...](https://cdn.slidesharecdn.com/ss_thumbnails/7ecbscdnt8mlcuqbd2ln-2-sara-polak-ai-creative-industries-251208152533-aa1fcf54-thumbnail.jpg?width=640&height=640&fit=bounds)
Vulners report: comparing vulnerability world 2016 to 2017
- 1. Vulnerability trends report comparing2016 to 2017 Kir Ermakov
- 2. 2 #:whoami - vulners.com founder -QIWI Group CTO - Web penetration tester - Member of “hall-of-fames” (Yandex, Mail.ru, Apple and so on)
- 3. 3 Vulners Database - Google-stylesearch engine - 773.000+ security advisories, exploits and CVE’s - 100+ sources of content - Security awareness subscriptions - Linux audit API
- 4. 4 Creepy 2017 - WannaCry -NotPetya - Multiple Struts2 RCE - BadRabbit
- 5.
- 6. 6 And what about…you?! -You are the lucky dude - Your security is not better - Probably even worth - You still didn’t applied 2FA? - Tell me more about PCI DSS - Internet is a new wild west
- 7.
- 8. 8 Let there begraphs and math - We analyzed 2016 to 2017 transition statistics - Activity of over 16,800,000 security fellows - Correlations in 7 categories - To tell you the truth: is it really so scary?
- 9. 9 Vulnerabilities at all -6000 vs 16000-a-year - Researchers did a good job - What happened in May?
- 10. 10 Financial and enterprise -24% increase for financial - 11% increase for enterprise - ”Double digit” is good for business. And for you?
- 11. 11 Web exploits - 75%increase - Public exploits only - Same story with private ones?
- 12. 12 Public exploits total -30% decrease - More exploits becomes private - Or researchers are lazy?
- 13. 13 So what? - Numberof threats is increasing ”double digit” - More exploits becomes private - No chance to hold the flood by the hands - Yes, it is scary
- 14. 14 Thanks - isox@vulners.com - Analyzewith us - We are really trying to make this world better - Stop paying for features that are available for free