AP NEWS
Click to copy
Press release content from Business Wire. The AP news staff was not involved in its creation.
Click to copy
PRESS RELEASE: Paid content from Business Wire
Press release content from Business Wire. The AP news staff was not involved in its creation.

Virsec Delivers Broadest Coverage for MITRE Top 25 Most Dangerous Software Errors

September 19, 2019

SAN JOSE, Calif.--(BUSINESS WIRE)--Sep 19, 2019--

Virsec, a cybersecurity company delivering a radically new approach to protect against advanced targeted attacks, today announced the industry’s broadest coverage for MITRE’s new list of the Top 25 Most Dangerous Software Errors. Based on analysis and weighted scoring of over 25,000 vulnerabilities from the NIST National Vulnerability Database (NVD), this report highlights software errors and potential attacks that developers and security professionals should be closely monitoring.

By far the most dangerous error, according to MITRE, is CWE-119, labeled “Improper Restriction of Operations within the Bounds of a Memory Buffer.” This bug allows code to read or write data outside of the buffer’s boundaries. This single risk accounted for almost 20% of the total weighted score for all the top 25.

“Memory-based attacks have become widespread, but few organizations are adequately protected against them,” said L. Barry Lyons IV, Director, Federal Risk Management KPMG. “It’s important that MITRE has highlighted these risks, while vendors like Virsec rollout coverage against these advanced threats.”

The new MITRE list highlights the most widespread and critical weaknesses that can lead to serious vulnerabilities in software. According to MITRE, “These weaknesses are often easy to find and exploit. They are dangerous because they will frequently allow adversaries to completely take over execution of software, steal data, or prevent the software from working.”

The top 10 errors, which account for almost 80% of the total weighted risk are all related to advanced memory or web-based threats. Virsec is the only vendor that provides complete protection across the full application stack including the web, memory, and host layers. Mapping coverage to the new MITRE list, Virsec provides:

“It’s not surprising that MITRE has found a memory-based threat to be the most dangerous. Vulnerabilities in memory are a blind spot for most enterprises, and can be exploited during runtime, bypassing conventional security tools,” said Satya Gupta, CTO of Virsec. “Our mission is to provide the most robust protection against advanced memory and web attacks, and we support MITRE shining a light on these risks.”

About Virsec

Based in San Jose, California, Virsec delivers innovative solutions to counter today’s advanced cyberattacks. The company is led by industry veterans who have driven one of the world’s top processor teams, and created innovative technology in network security, embedded systems and real-time memory systems. The team has broad leadership experience at companies including AMD, Cisco, Palo Alto Networks, Juniper, Dell, NextGen, BMC Software, ForcePoint, as well as a long list of high-growth startups. More information and demos are available at www.virsec.com.

View source version on businesswire.com:https://www.businesswire.com/news/home/20190919005226/en/

CONTACT: Dan Chmielewski

Madison Alexander PR, Inc.

714-832-8716

C: 949-231-2965

dchm@madisonalexanderpr.com

KEYWORD: CALIFORNIA UNITED STATES NORTH AMERICA

INDUSTRY KEYWORD: SOFTWARE INTERNET DATA MANAGEMENT TECHNOLOGY SECURITY MOBILE/WIRELESS

SOURCE: Virsec

Copyright Business Wire 2019.

PUB: 09/19/2019 06:00 AM/DISC: 09/19/2019 06:01 AM

http://www.businesswire.com/news/home/20190919005226/en

All contents © copyright 2019 The Associated Press. All rights reserved.