Three-quarters of security vulnerabilities pose little risk, according to a recent study by security supplier XM Cyber. The real danger comes from a small number of vulnerabilities, particularly those that converge at points leading to important business assets. The study found that only two percent of the vulnerabilities found enable truly dangerous attack paths. Companies should focus on these critical attack paths, rather than all of them, as the vast majority have a minimal impact.
The study also revealed that 71 percent of companies have vulnerabilities in on-prem networks that can affect critical cloud-based systems, and a majority suffer from attacks on passwords and permissions. XM Cyber is urging companies to prioritize API security, as APIs are often overlooked yet vulnerable.