Average time to fix high severity vulnerabilities grows from 197 days to 246 days in 6 months: report

The latest AppSec Stats Flash report from NTT Application Security has found that the remediation rate for severe vulnerabilities is on the decline, while the average time to fix is on the rise.

The report, which is compiled monthly, covers window of exposure, vulnerability by class and time to fix.

The latest report found that the window of exposure for applications has increased over the last six months while the top-5 vulnerability classes by prevalence remain constant, which the researchers behind the report said was a “systematic failure to address these well-known vulnerabilities.”

According to NTT Application Security researchers, the time to fix vulnerabilities has dropped 3 days, from 205 days to 202 days. The average time to fix is 202 days, the report found, representing an increase from 197 days at the beginning of the year. The average time to fix for high vulnerabilities grew from 194 days at the beginning of the year to 246 days at the end of June.

Full article

Scroll to Top