Public Vulnerability Research Market in 2014
The following is a study of both software vulnerabilities and the companies that publicly disclose them.
A security vulnerability is any error in an IT system that can be exploited by an attacker to compromise the confidentiality or integrity of a system or to deny legitimate user access to a system. Other industry terms for security vulnerabilities include “software bug” and “flaw.”
In the past, the process by which the analysis of vulnerabilities was shared with third parties was subject to much debate. Full disclosure is the practice of making the details of security vulnerabilities public.
Making vulnerabilities public is much debated because keeping them secret keeps them out of the hands of hackers, but this assumes that hackers can’t discover vulnerabilities on their own. From the organization side, keeping vulnerabilities secret assumes organizations will spend time and money fixing secret vulnerabilities. Both assumptions have proven to be false.
Hackers have proven to be quite adept at discovering secret vulnerabilities. Full disclosure forces organizations to routinely patch their systems.
Organizations tend to treat vulnerabilities less as a software problem and more as a public relations (PR) problem. This is where full disclosure comes into play: by making the PR problem more acute, it makes organizations quick to patch vulnerabilities.
Naturally, organizations that receive negative PR every time a vulnerability is made public quickly release a patch fixing the vulnerability in order to minimize the impact of that negative PR.
Full disclosure of vulnerabilities helped shape the standardization of how vulnerabilities are tracked, managed and stored.
About this report
The Frost & Sullivan analysis of the global public vulnerability research market in 2014 is part of a series of studies compiled from various public sources to analyze the public vulnerability landscape from 2013 to 2014. Vulnerability data is collected, queried, and segmented, resulting in a wealth of information that is intended to provide qualitative commentary on the research industry and to recognize the most prolific disclosers of new vulnerability reports. The top research companies are interviewed to provide industry and technology trends. Within this analysis, Frost & Sullivan has identified key market trends, competitive analysis, and growth opportunities to quantify and evaluate the public vulnerability research market.