Report Finds 88% of Current Internet-Connected Risks Driven By Misconfigurations and Exposures
ANN ARBOR, Mich., Sept. 12, 2022 /PRNewswire/ — Today, Censys, the leader in Attack Surface Management (ASM), launched its inaugural State of the Internet Report, a holistic view into Internet risks and organizations’ exposure to them. This first-of-its-kind report also provides perspective on how security practitioners addressed several vulnerabilities over the last eighteen months, while offering organizations guidance for how to prioritize and evaluate the security maintenance of their Internet-connected business assets.
The inaugural report compiled by the Censys research team is informed by the firm’s technology, which maintains the most comprehensive view of assets on the Internet by continuously scanning the public IPv4 address space across the 3,600+ most popular ports. The Censys research team’s mission is to conduct timely and critical research of Internet exposures and enable the broader cybersecurity community to take quick actions that mitigate future issues.
Through careful examination of which ports, services, and software are most prevalent on the Internet and the systems and regions where they run, Censys’ research team discovered that misconfigurations and exposures represent 88% of the risks and vulnerabilities across the Internet. Using Censys’ Internet-wide scan capabilities and risk detection fingerprints, the State of the Internet Report provides visibility of the assets and weaknesses across an organization’s Internet infrastructure in three sections: the Internet as a Whole, the Attack Surface of the Internet, and the Attack Surfaces of Organizations.
“Assessing the state of the Internet is crucial in understanding an organization’s own risks and exposures,” said Zakir Durumeric, Co-Founder and Chief Scientist of Censys. “Censys’ unique perspective of the Internet provides a holistic look into the potential consequences of misconfigurations, while outlining security teams’ crucial need for expanded visibility and understanding to make smart security decisions.”
Censys’ 2022 State of the Internet Report found that:
Censys’ researchers also conducted a holistic assessment of the Internet’s response to three major vulnerabilities – Log4j, GitLab and Confluence – to understand mitigation strategies based on how a vulnerability is perceived. From this analysis, Censys learned how the Internet responds differently to vulnerability disclosures.
Censys observed three distinct types of behavior in response to vulnerability disclosures:
The Internet constantly evolves as new technologies emerge, vulnerabilities are discovered, and organizations expand their operations that interact with the Internet. Security teams have the responsibility to protect their organizations’ digital assets and need proper visibility into the entire landscape to do so. Although vulnerabilities often garner the bigger headlines, it’s undetected misconfigurations and exposures that create the most risk for an organization, making it important to regularly assess any new hosts or services that appear in your infrastructure. Regardless of vulnerability type, providing organizations with the visibility and tools needed to strengthen their security posture introduces a proactive, more vigilant approach to digital risk management.
To download the full report, visit: https://censys.io/state-of-the-internet-report/
To learn more about Censys’ approach to organizational visibility, visit: https://www.censys.io.
About CensysCensys, Inc.™ is the leading provider of continuous attack surface management. Founded in 2013 in Ann Arbor, Michigan, Censys gives organizations the world’s most comprehensive real-time view of global networks and devices. Customers like FireEye, Google, NATO, Swiss Armed Forces, the U.S. Department of Homeland Security, and over 10% of the Fortune 500 rely on the company’s Internet-wide continuous visibility platform to discover and prevent cybersecurity threats. At Censys, you can be yourself. We like it that way. Diversity fuels our mission, and we are committed to inclusion across race, gender, age and identity. To learn more, visit censys.io and follow Censys on Twitter.
Logo – https://mma.prnewswire.com/media/1510668/Censys_Logo.jpg