Cover Image
市場調查報告書

全球公共漏洞調查市場分析

Analysis of the Global Public Vulnerability Research Market in 2013

出版商 Frost & Sullivan 商品編碼 305721
出版日期 內容資訊 英文 94 Pages
商品交期: 最快1-2個工作天內
價格
Back to Top
全球公共漏洞調查市場分析 Analysis of the Global Public Vulnerability Research Market in 2013
出版日期: 2014年06月13日 內容資訊: 英文 94 Pages
簡介

本報告提供全球公共漏洞調查市場詳查,全網路安全產業內的漏洞調查領域所佔位置,主要市場趨勢,2012年1年間多次報告的漏洞類型,2012年受最多攻擊的應用,受到嚴重損害的漏洞類型,漏洞發現補償制度對安全供應商的漏洞報告數造成的影響等詳細分析。還有市場競爭情形分析,以及主要企業的企業簡介。

第1章 摘要整理

  • 調查結果的要點

第2章 市場概況

  • 市場概要
  • 公共漏洞報告
  • 公共漏洞揭露
  • 公共漏洞揭露的最佳業務實踐
  • 進化的攻擊者
  • 用語和定義
  • 本報告的主要著眼點

第3章 電腦網路威脅分析及匯報

  • 電腦網路威脅分析及匯報序論
  • 物聯網
  • SCADA
  • 軟體 - Java
  • 惡意程式
  • 行動惡意程式
  • 網站
  • 網站、瀏覽器
  • 漏洞和社群媒體
  • 微軟和漏洞
  • 對安全設備和安全設備的攻擊
  • OpenSSL的Heartbleed Bug
  • 安全服務供應商和設備供應商的貢獻
  • 電腦網路威脅環境: HP的觀點

第4章 案例研究

  • 電腦網路攻擊的案例研究: DarkSeoul
  • 漏洞案例研究: D-Link及Planex家用路由器
  • 案例研究: Oracle Outside In OS/2漏洞

第5章 公共漏洞調查市場市場趨勢

  • 每年的漏洞報告數
  • 每季的漏洞報告數
  • 市場趨勢
  • 漏洞揭露
  • 各組織類型的漏洞揭露

第6章 各嚴重性等級的漏洞分析

  • 各嚴重性等級的漏洞分析

第7章 成為目標的應用比較

  • 成為目標的應用
  • 成為目標的應用分析
  • 特別成為多數目標的應用類型
  • 揭露機關: 網頁瀏覽器的漏洞
  • 揭露機關: 伺服器的漏洞
  • 揭露機關: 商業應用的漏洞
  • 各類型目標應用分析
  • 成為目標的網頁瀏覽器類型
  • 各類型目標網頁瀏覽器分析
  • 成為目標的OS
  • 成為目標的OS分析

第8章 漏洞分析

  • 漏洞定義
  • 各缺點類型的已報告漏洞 (2012年)
  • 各缺點類型的已報告漏洞
  • 揭露機關: 緩衝區溢位錯誤
  • 揭露機關: 代碼注入錯誤

第9章 市場競爭分析

  • 市場競爭情形分析: 已檢驗漏洞
  • 市場競爭情形分析: 已檢驗及未檢驗漏洞
  • 市場競爭分析: 概要

第10章 主要企業

  • Fortinet FortiGuard Labs
  • High-Tech Bridge
  • HP Security Research
  • IBM X-Force
  • Secunia
  • 未進行採訪的主要企業

第11章 結論

第12章 附錄

目錄
Product Code: D565-00-07-00-00

Key Findings

  • In 2012, XXsoftware vulnerabilities were reported publicly by research organizations.
  • Software vulnerabilities form the basis of cyber attacks that resulted in more than XXmajor security breaches reported in 2012.
  • Furthermore, million new malicious software programs (also called “malware”) were identified in 2012. Malware also benefits from vulnerable computing systems.
  • Vulnerability research represents an invaluable security service considering the billions of dollars lost in data security breaches.
  • Hackers targeting media applications, business applications, and content management platforms accounted for XX% of reported vulnerabilities.
  • Individuals were responsible for XX% of vulnerabilities reported in 2012. This group was followed by security vendors, government entities, education institutions, and manufacturers, respectively.
  • The top XX targeted applications in 2012 were Mozilla Firefox, Apple QuickTime, and Microsoft Internet Explorer.
  • In 2012, The United States Computer Emergency Readiness Team (US-CERT) disclosed XX verified vulnerabilities. As a branch of the United States Department of Homeland Security (DHS), US-CERT conducts original vulnerability research and acts as a repository for vulnerability reports and analyses.

Key Questions This Insight Answers

  • Where does vulnerability research fit into the overall network security industry?
  • What are the major trends in the public vulnerability research market?
  • What type of vulnerabilities are reported the most?
  • Which applications and application types were prone to vulnerabilities in 2012?
  • What types of vulnerability errors resulted in severe impacts?
  • How do contributor compensation programs affect the number of vulnerabilities that security vendors report?

Table of Contents

1. ANALYSIS OF THE GLOBAL PUBLIC VULNERABILITY RESEARCH MARKET IN 2013

Executive Summary

  • 1. Executive Summary-Key Findings
  • 2. Executive Summary-Key Findings (continued)

Research Methodology

  • 1. Research Methodology
  • 2. Research Methodology (continued)
  • 3. Research Objectives

Market Overview

  • 1. Market Overview
  • 2. Market Overview (continued)
  • 3. Market Overview-Public Vulnerability Reporting
  • 4. Market Overview-Public Vulnerability Disclosure
  • 5. Market Overview-Best Practices Public Vulnerability Disclosing
  • 6. Market Overview-The Evolving Attacker
  • 7. Market Overview-The Evolving Attacker (continued)
  • 8. Market Overview-Terminology and Definitions
  • 9. Market Overview-Key Questions This Insight Answers

Cyber Threat Analysis and Reporting

  • 1. Introduction to Cyber Threat Analysis and Reporting
  • 2. The Internet of Things
  • 3. The Internet of Things (continued)
  • 4. The Internet of Things-Healthcare
  • 5. SCADA
  • 6. Software-Java
  • 7. Malware
  • 8. Malware (continued)
  • 9. Mobile Malware
  • 10. Mobile Malware (continued)
  • 11. Mobile Malware (continued)
  • 12. Websites
  • 13. Websites (continued)
  • 14. Web Browsers
  • 15. Vulnerabilities and Social Media
  • 16. Vulnerabilities and Social Media (continued)
  • 17. Microsoft and Vulnerabilities
  • 18. Microsoft and Vulnerabilities (continued)
  • 19. Attacks on Security Devices and Appliances
  • 20. OpenSSL Virus Heartbleed Bug
  • 21. Contributions from Security Services and Devices Vendors
  • 22. Cyber Threat Environment : HP Perspective
  • 23. Cyber Threat Environment : HP Perspective (continued)

Case Studies

  • 1. Cyber Attacks Case Study: DarkSeoul
  • 2. Vulnerability Case Study: D-Link and Planex Home Routers
  • 3. Case Study-Oracle Outside In OS/2 Vulnerability

Market Trends in Public Vulnerabilities

  • 1. Vulnerabilities Reported by Year
  • 2. Vulnerabilities Reported by Quarter
  • 3. Market Trends
  • 4. Market Trends (continued)
  • 5. Market Trends (continued)
  • 6. Vulnerability Disclosure
  • 7. Vulnerability Disclosure (continued)
  • 8. Vulnerability Disclosure (continued)
  • 9. Vulnerability Disclosure by Organization Type
  • 10. Vulnerability Disclosure by Organization Type (continued)
  • 11. Vulnerability Disclosure by Organization Type (continued)

Analysis of Vulnerabilities by Severity

  • 1. Analysis of Vulnerabilities by Severity
  • 2. Analysis of Vulnerabilities by Severity (continued)
  • 3. Analysis of Vulnerabilities by Severity (continued)
  • 4. Analysis of Vulnerabilities by Severity (continued)
  • 5. Analysis of Vulnerabilities by Severity (continued)
  • 6. Analysis of Vulnerabilities by Severity (continued)
  • 7. Analysis of Vulnerabilities by Severity (continued)
  • 8. Analysis of Vulnerabilities by Severity (continued)
  • 9. Analysis of Vulnerabilities by Severity (continued)

Comparison of Targeted Applications

  • 1. Targeted Applications
  • 2. Analysis of Targeted Applications
  • 3. Top Targeted Types of Applications
  • 4. Disclosing Institutions: Web Browser Vulnerabilities
  • 5. Disclosing Institutions: Media Applications Vulnerabilities
  • 6. Disclosing Institutions: Server Vulnerabilities
  • 7. Disclosing Institutions: Business Applications Vulnerabilities
  • 8. Analysis of Targeted Applications by Type
  • 9. Analysis of Targeted Applications by Type (continued)
  • 10. Analysis of Targeted Applications by Type (continued)
  • 11. Targeted Web Browser Type
  • 12. Targeted Web Browser Type (continued)
  • 13. Analysis of Targeted Web Browser Type
  • 14. Targeted Operating Systems
  • 15. Analysis of Targeted Operating Systems

Vulnerability Analysis

  • 1. Vulnerability Definitions
  • 2. Vulnerability Definitions (continued)
  • 3. Vulnerabilities Reported by Flaw Type (For 2012)
  • 4. Vulnerabilities Reported by Flaw Type
  • 5. Disclosing Institutions: Buffer Overflow Errors
  • 6. Disclosing Institutions: Code Injection Errors
  • 7. Top Impact Type
  • 8. Top Impact Types (continued)
  • 9. Analysis of Impact Types

Competitive Analysis

  • 1. Competitive Analysis Verified Vulnerabilities
  • 2. Competitive Analysis Verified Vulnerabilities (continued)
  • 3. Competitive Analysis Verified Vulnerabilities (continued)
  • 4. Competitive Analysis Verified and Unverified Vulnerabilities
  • 5. Competitive Analysis Overview

Market Participants

  • 1. Fortinet FortiGuard Labs
  • 2. Fortinet FortiGuard Labs (continued)
  • 3. High-Tech Bridge
  • 4. High-Tech Bridge (continued)
  • 5. HP Security Research
  • 6. HP Security Research -Zero Day Initiative
  • 7. HP Security Research (continued)
  • 8. IBM X-Force
  • 9. IBM X-Force (continued)
  • 10. Secunia
  • 11. Secunia (continued)
  • 12. Market Participants Not Interviewed

Conclusions

  • 1. Conclusions
  • 2. Certification

Appendix

  • 1. Vulnerability Database Sources (for 2013)
  • 2. List of Publications Cited in This Report
  • 3. Legal Disclaimer

The Frost & Sullivan Story

  • 1. The Frost & Sullivan Story
  • 2. Value Proposition: Future of Your Company & Career
  • 3. Global Perspective
  • 4. Industry Convergence
  • 5. 360° Research Perspective
  • 6. Implementation Excellence
  • 7. Our Blue Ocean Strategy
Back to Top