Cyber Risk Management Solutions

Join our webinar: The Cyber Attacker’s Advantage. November 13 at 2 PM EST for a live review of Tenable’s research.

Who has the first-mover advantage – cybercriminals or your security team?

What’s the difference in time between when an exploit is publicly available for a given vulnerability and the first time security teams actually assess their systems?

And why does this matter?

Join us on November 13 at 2 PM as Matt Jones shares research from the new report: Quantifying the Attacker’s First-Mover Advantage

→ Click here to register for The Cyber Attacker’s Advantage

This alarming new report from Tenable shows that attackers have, on average, a 7-day head start.  They are bolting ahead before security even sees the risk looming.

Tenable Research analyzed the 50 most prevalent vulnerabilities over a three-month period. They discovered an alarming truth:

The Cyber Attacker’s Advantage: Attackers have a 7-day head start. 

During the webinar, Matt Jones will help explain how you can:

  • Eliminate the attacker’s 7-day window of opportunity;
  • Find out more about Tenable Research’s analysis of the 50 most prevalent vulnerabilities;
  • Learn how real-world threat actor activity can be leveraged to prioritize vulnerabilities for remediation.

Register today:

Webinar Details: 
The Cyber Attacker’s Advantage
Tuesday, November 13
Register Here

*Everyone that registers for The Cyber Attacker’s Advantage will receive a copy of the full research.*

The Cyber Attacker's Advantage Webinar

The Report: Quantifying the Attacker’s Advantage

Tenable Research has just released a report on the difference in time between when an exploit is publicly available for a given vulnerability and the first time that a vulnerability is assessed.

For this study, Tenable analyzed the 50 most prevalent critical and high-severity vulnerabilities from just under 200,000 vulnerability assessment scans over a three-month period in late 2017 to anchor the analysis to the real world. We used these vulnerabilities to derive the “time to exploit availability” and “time to assess” to calculate the median delta.

Join the webinar: The Cyber Attacker’s Advantage for a LIVE review of the research.

Attackers are racing ahead

Our analysis shows that the median delta was -7.3 days. The median time to exploit was 5.5 days, compared to a median time to assess of 12.8 days. On average, this gives attackers a seven-day head start on the defenders.

The delta was negative for 76 percent of analyzed vulnerabilities. So, on a vulnerability-by-vulnerability basis, the attackers seize the first-mover advantage more often than not.

When the delta was positive, it was usually because it took so long for an exploit to become available – rather than the defenders’ speedy scanning frequency. The fact that for 34 percent of the analyzed vulnerabilities, an exploit was available on the same day the vulnerability was disclosed is sobering. But it really gets interesting when we drill down into the individual vulnerabilities.

Twenty-four percent of the 50 most prevalent vulnerabilities we analyzed are actively being exploited in the wild by malware, ransomware or exploit kits. A further 14 percent were sufficiently critical to be discussed in the media. The sample set contained vulnerabilities being targeted by the Disdain and Terror exploit kits, Cerber, and StorageCrypt ransomware and even by APT groups such as Black Oasis to install the FinSpy surveillance software.