Attackers' Costs Increasing as Businesses Focus on Security

Attackers' Costs Increasing as Businesses Focus on Security
Based on penetration tests and vulnerability assessments, attackers' costs to compromise a company's network increases significantly when security is continuously tested, a report finds.

Companies that focus on continuously testing their security through automated means and regular penetration testing roughly double the cost to attackers of finding exploitable vulnerabilities in their systems, according to data from security assessments and red-team engagements collected by crowdsourced security firm Synack.


The company found that the average number of times that a red-team member had to probe an asset to find a vulnerability more than doubled — increasing by 112% — on average over the past two years. In addition, the average severity of the vulnerabilities found by red-team members have decreased to a Common Vulnerability Scoring System (CVSS) score of 5.95 in 2018, down from aa CVSS score of 6.41 in 2016.


The findings suggest that companies that incorporate secu ..