"Time-To-Exploit: What It Means and Why It's Going Down"

According to researchers, the average time it takes threat actors to exploit vulnerabilities before or after their public disclosure continues to decrease. Researchers at Mandiant analyzed 246 vulnerabilities disclosed in 2021 and 2022, tracked as "exploited in the wild." They discovered that the overall average time-to-exploit (TTE) is decreasing, with exploitation likely to happen before the end of the first month following the release of a patch. This is a trend that has continued over the past few years. Between 2018 and 2019, the average TTE was 63 days. From 2020 to early 2021, it decreased to 44 days. As a means of gauging how fast attackers can exploit vulnerabilities once they are discovered, many researchers in the security community have analyzed such findings. Understanding these trends helps organizations develop more effective maintenance and remediation strategies. This article continues to discuss recent TTE observations and findings.

Decipher reports "Time-To-Exploit: What It Means and Why It's Going Down"

Submitted by grigby1
 

Submitted by Gregory Rigby on