A five-year longitudinal study found that nearly one out of every two on-premises databases globally – 46 percent – is vulnerable to attack, given that it has at least one unpatched vulnerability. The study, which involved 27,000 scanned databases globally, discovered that more than half – 56 percent – of those CVEs are rated “high” or “critical” in severity, indicating that routine patching is being shrugged off by many organizations. Conducted by Imperva Research Labs and published on Tuesday, the study – carried out with the company’s database-scanning service – also found that the average database contains 26 unpatched CVEs. Some of those vulnerabilities have left databases open to attack for three or more years – a scandalous length of time, given the sensitivity and value of data. Something just ain’t right with this picture, said Elad Erez, Imperva’s chief innovation officer and research lead. “This research proves that the way data is being secured today simply isn’t working,” Erez wrote in a Tuesday blog about the study. “For years, organizations have prioritized and invested in perimeter and endpoint-security tools, assuming the protection of the systems or network around the data would be enough,” he said. “However, that approach is not working, as this is an expansive and global problem. Organizations need to rethink the way they secure data in a way that genuinely protects the data itself.” Erez popped into the Threatpost podcast to discuss the results of the…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-09-14 09:45:002021-09-14 09:45:00Unpatched Bugs Plague Databases; Data Is Not Secure
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org