Remediation Programs Often Fail to Validate Fixes
The alarming truth is that remediation programs often fall short, with a staggering mismatch between the speed of exploits and fixes - Mandiant's report reveals a mean time to exploit of just -7 days, while Verizon's data shows a median remediation time of 32 days.
#VulnerabilityManagement #ExploitDevelopment #RemediationPrograms #Mtrends #Dbir
Everyone knows how much I love #Mandiant and the #MTrends report. It's my favorite source. However, this figure demonstrates why pie charts are absolutely worthless as a means of displaying quantitative information, compared to a simple table.
WITHOUT LOOKING AT THE TABLE, tell me what percentage of the initial infection (ugh, they are not "infections") vectors did the Brute Force category occupy?
To answer that question, you have to not be color blind. Then you have to find the appropriate color on the right. Last you find it in the pie chart. What a waste of time!
Now check the table. You're finished in a millisecond.
One other point: the data should have included raw numbers, not just percentages.
Pie charts are a monstrosity. #StopUsingPieCharts #EdwardTufte
Good day all! Today's #readoftheday is a lengthy one but also one that you do not want to miss! It is Mandiant (now part of Google Cloud)'s #MTrends for the year of 2023. Most of my research and intel that I share is at a very low level looking at attacks and behaviors at a certain point in time, sometimes referred to as an "atomic". BUT this report takes and entire year's worth of attacks, data, behaviors, TTPs, and anything in-between and really paints the big picture! I hope you will enjoy it as much as I do! Happy Hunting!
M-Trends 2023: MANDIANT SPECIAL REPORT
https://mandiant.widen.net/s/dlzgn6w26n/m-trends-2023
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
Analyst207
Richard Bejtlich
Just Another Blue Teamer