Bengaluru: The Zero Day Initiative (ZDI), the bug bounty programe of cyber security firm Trend Micro, disclosed 64 per cent of the total 1,543 global public vulnerabilities in 2021, followed by networking major Cisco at 21 per cent and tech giant Google at 5 per cent, a report showed on Monday August 8.
According to data from global market researcher Omdia, of the 984 submissions by Trend Micro’s ZDI, 36 per cent were critical, 70 per cent were classified as high severity and 45 per cent were medium severity.
“Having led the charge since the very first market analysis in 2007, the ZDI has expanded its volume of vulnerability disclosures for the 15th successive year,” said Sharda Tickoo, Technical Director for Trend Micro, India and SAARC.
“Our vulnerability research is second to none globally, both pre-and post-disclosure,” Tickoo added.
Omdia provided an independent comparative analysis of 11 global organisations that publicly research and disclose vulnerabilities, analyzing a total of 1,543 vulnerabilities disclosed and assigned a common vulnerabilities and exposure (CVE) in 2021.
The CVEs added to the US National Vulnerability Database (NVD) hit a record high for the fifth successive year in 2021.
“The data also revealed that monitoring software was responsible for the largest number of vulnerabilities submitted. This is another positive sign, as more organisations utilize this software to identify threats faster,” said Tanner Johnson, principal analyst for Omdia.
The average impact score of vulnerabilities has also increased year-on-year over the past three years, which means that the vulnerabilities disclosed could have a bigger impact if exploited, said the report.