Application security threats are ever present. In 2020, the National Vulnerability Database (NVD) reported over 18,000 vulnerabilities — setting a new record. Alarmingly, over 10,000 of these vulnerabilities were labelled as critical or high severity.
At the same time, attackers continue to exploit well-known vulnerabilities. Joint research from the US’ Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the UK’s National Cyber Security Center (NCSC), and The Australian Cyber Security Centre (ACSC) found that many of the top 30 vulnerabilities exploited by attackers during 2020 (and into 2021) were well-known, with all of them having an available patch.
