XM Cyber research reveals a significant portion (80%) of security exposures are due to misconfigurations, while less than 1% are attributable to CVEs. The report emphasizes the importance of addressing misconfigurations, particularly identity and credential issues, which pose a substantial risk to critical assets. It also highlights the inefficiency of solely focusing on patching CVEs, urging organizations to prioritize high-impact exposures like choke points
The study showcases that a substantial amount of exposures are dead ends for attackers, allowing security teams to allocate resources more effectively towards mitigating real threats. Additionally, the report underscores the industry-specific nature of cybersecurity risks, emphasizing the need for tailored security approaches. Ultimately, the findings stress the necessity of continuous exposure management and shifting towards a more proactive cybersecurity strategy beyond traditional vulnerability patching. ```https://thehackernews.com/2024/05/new-xm-cyber-research-80-of-exposures.html