In this report, we will share the results of automated security assessment of the network perimeter of selected corporate information systems. Scanning was per-formed using the MaxPatrol 8 vulnerability and compliance management system in Pentest mode. More details on MaxPatrol 8 scan modes can be found at the end of this document.

  • Positive Technologies experts detected high-risk vulnerabilities on external network resources of 84% of tested companies. Even a low-skilled attacker could exploit 10% f vulnerabilities by using a ready public exploit.
  • Half of vulnerabilities can be eliminated by installing software updates.. Systems at 26% of companies are still vulnerable to WannaCry encryption malware.
  • At 74% of companies, SSH is available for direct connection from the Internet. One fifth of software vulnerabilities involved OpenSSH errors, which may allow attackers to obtain control over network perimeter resources or breach the company's local network.
  • All the companies' perimeters have hosts vulnerable to the SWEET32 attack, and 84 percent of companies are still vulnerable to the POODLE attack. If attackers succeed in exploiting these vulnerabilities, they can extract confidential data from encrypted connections.
Read more

Share:

Added:08.12.2020
Latest update:
11.16.2020

Share:

Similar analytics:MORE similar analytics
Subscribe to get updates

By clicking the button you agree to Privacy Policy

Add your research

Unless otherwise stated, the content is available under Creative Commons BY 4.0 license

Supported by the Moscow Government