Artificial Intelligence Fintech News

Most Companies Don’t Think Like Hackers, Leaving Them More Prone to Attacks, Finds WhiteSource and CYR3CON™ Study

by Fintech News Desk0
Most Companies Don't Think Like Hackers, Leaving Them More Prone to Attacks, Finds WhiteSource and CYR3CON™ Study

WhiteSource, the leader in open source security and license compliance management, and CYR3CON, which predicts cybersecurity attacks based on AI-gathered intelligence from hacker communities, release in collaboration with d their joint research report on security vulnerability prioritization through the eyes of hackers.

Read More: GlobalFintechSeries Interview with Erick Pinos, Ecosystem Lead at Ontology

As technology constantly advances, software development teams are bombarded with security alerts at an increasing rate. This has made it nearly impossible to remediate every vulnerability, rendering the ability to properly prioritize remediation all the more critical.

This research examines the most common methods software development teams use to prioritize software vulnerabilities for remediation and compares those practices to data gathered from the discussions of hacker communities, including the dark web and deep web.

Read More: Healthfully and Paya Deliver Expanded Patient Care and Payments Through New Partnership

Key findings in the report include:

  • Software development teams tend to prioritize based on available data such as vulnerability severity score (CVSS), ease of remediation, and publication date, but hackers don’t target vulnerabilities based on these parameters.
  • Hackers are drawn to specific vulnerability types (CWEs), including CWE-20 (Input Validation), CWE-125 (Out-of-bound Read), CWE-79 (XSS), and CWE-200 (Information Leak/Disclosure).
  • Organizations tend to prioritize “fresh” vulnerabilities, while hackers often discuss vulnerabilities for over 6 months following exploitation, with even older vulnerabilities re-emerging in hacker community discussions as they reappear in new exploits or malware.

“As development teams face an ever-rising number of disclosed vulnerabilities, it becomes impossible to fix everything and it’s imperative that teams focus on addressing the most urgent issues first,” said Rami Sass, CEO and co-founder of WhiteSource. “Our research can help organizations adopt a solid prioritization method, and ensure they look beyond just the most accessible data to the data that can best help them fix the security vulnerabilities that could cause the greatest impact, and in turn save them valuable time.”

Read More: M Financial Group Licenses FAST Software to Enable New Digital Ecosystem for Member Firms

Fintech News Desk is a trained group of web journalists and reporters who collect news from all over the financial technology landscape. The financial services innovations include latest and advanced developments related to Digital banking, wallets, AI, ML, IT, Cloud Security, Privacy and Security, Cyber threat intelligence, Space, Big data and Analytics, Blockchain, and Crypto. To connect, please write to Fintech market analyst at sghosh@martechseries.com.

Related posts

VC Investment in Fintech More Than Doubles in Second Half of 2020 – Expected to Remain Strong Into 2021, According to KPMG’s Pulse of Fintech

Fintech News Desk

Moca Joins Banking As A Service Association Baas To Further Support Community Banks

Fintech News Desk

PEAK6 Joins the Pyth Network to Bring Digital Asset Market Data On-Chain

Fintech News Desk
1