Friday, August 29, 2008

X-Force Mid-Year Report 2008

IBM ISS X-Force security and development group released a mid-year report last month discussing all the security trends since the beginning of 2008. The report is 85 pages long and includes a number of charts and graph's, so it's actually an easy read. I would suggest reading it as it gives us at least one commercial companies view on the direction security related threats are headed.

I know very well how statistics can be skewed but the overall direction given in the reports seems to be inline with reports coming from other areas in the field. I wanted to share a few "numbers" I found interesting.

  • 45% of all vulnerabilities ranked as "Medium" using the X-Force scoring system.

  • 54% of all vulnerabilities ranked as "Medium" using the CVSS scoring system.

  • Apple disclosed the most vulnerabilities in the first half of the year.

  • Microsoft ranked 3rd and Linux ranked 10th in disclosures behind Apple.

  • Microsoft ranked 1st, Apple 3rd by the highest number of public vulnerabilities.


I would like to know what you get out of the report. Please post your feedback in the comments.
Posted by Thomas Nicholson at Friday, August 29, 2008
Labels:
blog comments powered by Disqus