Secunia's Half Year Report for 2011
Key findings include:
Cybercriminals are bypassing traditional perimeter defences by means of the automated mass production of attack variants – thereby initiating an arms race with defenders.
Security patches are found to be an effective means to escape the arms race, as they remediate the root cause of compromise.
The analysis reveals that timely patching of the software portfolio of any organisation is like chasing a continually moving target.
A comparison of different patching strategies under the assumption of limited resources demonstrates that an intelligent patching strategy is an effective approach for reducing vulnerability risks.
Research shows that for the majority of vulnerabilities there are patches available on the day of disclosure. While 0-days still represent a significant threat, we actually have the power to neutralise a larger part of the risk than what is commonly perceived.
Last edited by Brink; 25 Jul 2011 at 03:53 PM..
Reason: fixed link