
07.08.2025 - 18:00:05

Second Annual Synack State of Vulnerabilities Report Uncovers Spike in Severity, Progress in Remediation

by the Cybersecurity and Infrastructure Security Agency. The healthcare and technology sectors both saw an increase in SQL injections, and injection flaws including XSS accounted for roughly a third of all vulnerabilities Synack discovered in 2023.

Industry-by-industry breakdown
Synack's report reveals key findings for top-ranking vulnerabilities and remediation times for the healthcare, financial services, federal government, technology and manufacturing sectors.

Below are some key trends identified when looking across the five industries:

- On average, healthcare companies had more than 5,400 subdomains, 1,500 web applications and 1,400 IP addresses publicly exposed – the biggest attack surface of any industry vertical reviewed.
- Of vulnerabilities found, nearly 1,900 were SQL injections rating as critical or high-severity.
- Injection flaws magnified sectors' weaknesses. On average, financial services companies took 53 days to remediate SQL injection vulnerabilities, technology companies took 57 days and healthcare companies took just 45 days.

The report draws on data from security assessments carried out on Synack's global customer base and aligns with vulnerability categories in the OWASP Top 10 standard awareness document. The 1,500+ members of the SRT collectively spent over 27,000 days testing Synack customer assets last year, including cloud, application programming interface, AI large language model (LLM), web application, host infrastructure and mobile attack surfaces.

To read the full report, please visit: https://go.synack.com/state-of-vulnerabilities-2024 

About Synack
Synack's premier security testing platform harnesses a talented, vetted community of security researchers and smart technology to deliver continuous penetration testing and vulnerability management, with actionable results. We are committed to making the world more secure by closing the cybersecurity skills gap, giving organizations on-demand access to the most trusted security researchers in the world. Headquartered in Silicon Valley with regional teams around the world, Synack protects a growing list of Global 2000 customers and U.S. agencies in a FedRAMP Moderate Authorized environment. Synack's comprehensive approach to Pentesting as a Service (PTaaS) uncovered more than 14,000 exploitable vulnerabilities in 2023 alone. For more information, please visit www.synack.com.
