Public Vulnerability Research Market in 2014

The following is a study of both software vulnerabilities and the companies that publicly disclose them.

A security vulnerability is any error in an IT system that can be exploited by an attacker to compromise the confidentiality or integrity of a system or to deny legitimate users access to a system. Other industry terms for security vulnerabilities include “software bug” and “flaw.”

In the past, the process by which the analysis of vulnerabilities was shared with third parties was subject to much debate. Full disclosure is the practice of making the details of security vulnerabilities public.

The debate over making vulnerabilities public exists because keeping them secret keeps them out of the hands of hackers, but this assumes that hackers can’t discover vulnerabilities on their own. On the organization side, keeping vulnerabilities secret assumes organizations will spend time and money fixing secret vulnerabilities. Both assumptions have proven to be false.

Hackers have proven to be quite adept at discovering secret vulnerabilities. Full disclosure forces organizations to routinely patch their systems.

Organizations tend to treat vulnerabilities less as a software problem and more as a public relations (PR) problem. This is where full disclosure comes into play: by making the PR problem more acute, it makes organizations quick to patch vulnerabilities.

Naturally, organizations that receive negative PR every time a vulnerability is made public quickly release a patch fixing the vulnerability in order to minimize the impact of that negative PR.

Full disclosure of vulnerabilities helped shape the standardization of how vulnerabilities are tracked, managed and stored.

About this report

The Frost & Sullivan analysis of the global public vulnerability research market in 2014 is part of a series of studies compiled from various public sources to analyze the public vulnerability landscape from 2013 to 2014. Vulnerability data is collected, queried, and segmented, resulting in a wealth of information that is intended to provide qualitative commentary on the research industry and to recognize the most prolific disclosers of new vulnerability reports. The top research companies are interviewed to provide industry and technology trends. Within this analysis, Frost & Sullivan has identified key market trends, competitive analysis, and growth opportunities to quantify and evaluate the public vulnerability research market.


  • Executive Summary
    • Executive Summary-Key Findings
  • Market Overview
    • Research Objectives
    • Market Overview
    • Market Overview-Best Practices Public Vulnerability Disclosing
    • Market Overview-The Evolving Attacker
    • Market Overview-Terminology and Definitions
    • Market Overview-Key Questions This Insight Answers
  • Research Methodology
  • Cyber Threat Analysis and Reporting
    • Introduction to Cyber Threat Analysis and Reporting
    • The Internet of Things
    • SCADA
    • Software-Java
    • Malware
    • Mobile Malware
  • Market Trends in Public Vulnerabilities
    • Vulnerabilities Reported by Year
    • Vulnerabilities Reported by Quarter
    • Market Trends
    • Vulnerability Disclosure
    • Vulnerability Disclosure by Organization Type
  • Analysis of Vulnerabilities by Severity
    • Table Public Vulnerability Research Market: Reported Vulnerabilities by Quarter and Severity, Global, 2014
  • Comparison of Targeted Applications
    • Targeted Applications
    • Analysis of Targeted Applications
    • Top Targeted Types of Applications
    • Disclosing Institutions: Web Browser Vulnerabilities
    • Disclosing Institutions: Media Applications Vulnerabilities
    • Disclosing Institutions: Server Vulnerabilities
    • Disclosing Institutions: Business Applications Vulnerabilities
    • Analysis of Targeted Applications by Type
    • Targeted Web Browser Type
    • Analysis of Targeted Web Browser Type
  • Vulnerability Analysis
    • Vulnerability Definitions
    • Vulnerabilities Reported by Flaw Type 2013
    • Vulnerabilities Reported by Flaw Type (For 2014)
    • Disclosing Institutions: Buffer Overflow Errors
    • Disclosing Institutions: Code Injection Errors
    • Top Impact Type
    • Analysis of Impact Types
  • Competitive Analysis
    • Competitive Analysis Verified Vulnerabilities
    • Competitive Analysis Verified and Unverified Vulnerabilities
    • Competitive Analysis
  • The Status Of Public Vulnerability Reporting
  • Conclusions
  • Appendix
    • Vulnerability Database Sources (for 2014)
    • List of Publications Cited in This Report
