40 percent of all zero-day exploits ever known to exist appeared in 2021, a sign of how frequent vulnerabilities are becoming. Further, vulnerabilities in third-party software cost companies $4.55 million on average in 2022, up from $4.33 million in 2021. And software supply chain attacks took 26 days longer, on average, for businesses to identify than they did a year ago.
Couple that with the fact that open source components comprise at least 85 percent of most software, and it’s clear that businesses are struggling today to stay ahead of vulnerabilities. They’re spending too much time trying to investigate Common Vulnerabilities and Exposures (CVE) announcements that affect their software, and they’re remediating those vulnerabilities too slowly to prevent them from being exploited in many cases.
What can organizations do about this? How can they manage vulnerabilities more effectively, such that the rate of successful exploits decreases while the productivity of their developers increases? Those are the questions we’d like to answer in this eBook by unpacking strategies for spending less time fixing CVEs.