The Rostelecom-Solar report provides information on common vulnerabilities and deficiencies in infrastructure components, employee awareness of information security issues, and statistics on how to fix discovered vulnerabilities.

The data presented in the report was obtained based on the results of the work carried out by experts of the security analysis department of the Solar JSOC, a center for countering cyberattacks, in June 2020 - June 2021.

The works included external and internal breach testing, web application analysis, sociotechnical research. Part of the work was devoted to checking the vulnerabilities discovered during the previous security analysis and the correctness of repair.

Key findings:

  • Most of the vulnerabilities have a high severity rating, but at the same time they have low exploitation complexity.
  • The most vulnerable systems at the outer perimeter are web applications.
  • Incorrect setting of access rights is discovered in 81% of web applications.
  • The weakest point of internal networks is password management.
  • 15% of users perform potentially harmful actions when they receive phishing emails.
  • 78% of critical vulnerabilities discovered during the security analysis were fully or partially eliminated before retesting.
Read more


Latest update:


Similar analytics:MORE similar analytics
Subscribe to get updates

By clicking the button you agree to Privacy Policy

Add your research

Unless otherwise stated, the content is available under Creative Commons BY 4.0 license

Supported by the Moscow Government