New research highlights vulnerability trends still impeding innovation

The Invicti AppSec Indicator, Spring 2022 Edition

There’s no sugarcoating it: severe vulnerabilities simply aren’t getting any scarcer. In this edition of the Invicti AppSec Indicator, we’re digging into a huge data set from more than 900 global Invicti customers for a holistic look at these vulnerability trends and at what organizations need to do to improve their security posture.

Read our latest research report to learn more about:

  • The alarming trends that we’re seeing ebb and flow
  • Which flaws are on the uptick and why that might be
  • How to solve issues that lead to poor security posture
  • Remote code execution (RCE), cross-site scripting (XSS), and SQL injection (SQLi) are all top offenders, each increasing in frequency or hovering around the same alarming numbers year over year
  • Remote code execution, often the ultimate goal of a malicious attacker and exploited via last year’s Log4Shell vulnerability, has seen a steady increase since 2018, jumping 5% in frequency
  • 35% of educational institutions and 32% of government organizations experienced at least one occurrence of SQLi in 2021