"Average Time to Fix Critical Cybersecurity Vulnerabilities Is 205 Days"

According to a new report from WhiteHat Security, the average time taken to fix critical cybersecurity vulnerabilities has increased from 197 days in April 2021 to 205 in May 2021. Organizations in the utility sector were found to have the highest window of exposure with their application vulnerabilities. More than 66 percent of applications used in the utility sector contained at least one exploitable vulnerability that was open throughout the year. Over 60 percent of applications in the manufacturing industry were also found to have a window of exposure of more than 365 days. The finance industry has a more balanced window of exposure outlook, with nearly 40 percent of applications having an exposure window of 365 days and about 30 percent having an exposure window of fewer than 30 days. The report pointed out the top five classes of vulnerabilities seen over the last three months, which include information leakage, insufficient session expiration, cross-site scripting, inadequate transport layer protection, and content spoofing. The WhiteHat Security researchers stressed that these types of vulnerabilities require little effort or skill to discover and exploit. This article continues to discuss key findings from WhiteHat Security's AppSec Stats Flash report and how organizations should address application vulnerabilities. 

ZDNet reports "Average Time to Fix Critical Cybersecurity Vulnerabilities Is 205 Days"