Cybersecurity Dive recently reported that the number of network-related vulnerabilities considered medium severity and above declined almost 10% last year, according to Palo Alto Networks’ Unit 42 Network Threat Trends report. In 2021, the industry recorded more than 11,800 Common Vulnerabilities and Exposures (CVEs), down from 13,123 in 2020.
However, the number of attacks targeting network-related CVEs in 2021 jumped 15% to 262 million, reflecting an all-time high and triple the number of attacks that occurred prior to the COVID-19 crisis.
The majority of successful data breaches are the result of attacks against known vulnerabilities: security gaps in software code, packet construction anomalies and unsafe default configuration are all examples of the kinds of weaknesses that hackers look for to gain access and control over computers and networks.
Different parts of an IT environment may need to be scanned from different vantage points to provide a complete risk assessment.
Vulnerability Scans fall into the following categories: