http://www.hpenterprisesecurity.com/collateral/report/2011FullYearCyberSecurityRisksReport.pdf
In the 2011 top cyber security risks report, HP Enterprise Security provides a broad view of the vulnerability threat landscape, as well as in-depth research and analysis on security attacks and trends. The aim of this report is to highlight the biggest risks that enterprise organizations face today—and to help prioritize mitigation strategies. Key findings from this report include the following:
• Continued decline of new, disclosed vulnerabilities in commercial applications
The report notes the decline in commercial vulnerability reporting, and it discusses the key trends in the vulnerability disclosure market that may be hiding a deeper issue. The report also highlights the growing market for private sharing of vulnerabilities, the increased expertise required to uncover complex vulnerabilities, and the price these can fetch in various markets. Data from HP Fortify will also highlight the increasing number of vulnerabilities that are being discovered in custom applications—vulnerabilities that can be devastating to the security posture of an organization.
• Changes in attack motivation are increasing security risk
While security attackers have always sought glory and/or financial gain from their activities, the formation of hacktivist groups, like Anonymous, has added not only a purpose behind security attacks, but a level of organization as well. This shift in motivation and subsequent organization has given rise to newer and more severe security attacks. This report will highlight the motivations of today’s security attack community—and the implications for security defense techniques.
• Increase in the number of attacks against a “smaller” set of known vulnerabilities
Despite the shrinking number of known vulnerabilities in commercial applications, the report will use real data—pulled from the HP TippingPoint Intrusion Prevention System (IPS) and HP Fortify—to highlight an increase in severe attacks against both client/server and Web applications. The data is broken down by attacks, vulnerability category, source information, and severity to provide a snapshot of the attack landscape. This section also features an actual case study of the Web application risks at one large corporation.
• Improved techniques for executing security attacks
While many targeted attacks leverage zero-day vulnerabilities, the average cyber criminal generally exploits existing vulnerabilities. Data from the report breaks down several techniques, including obfuscation, used to successfully exploit existing vulnerabilities. The report also includes an in-depth look at the Blackhole exploit toolkit, which uses many of the techniques highlighted.
