Attack time frames are shrinking rapidly. Here’s how cyber teams can cope.
That is easy to say but a lot harder to implement. Other analysts have seen complicating factors that make any cross-team cooperation difficult. Tamnoon, a cloud security vendor, has found that CNAPP tools classify the severity of threats differently and are often at odds with one another, citing one example in which one tool called a potential issue “informational” while another tool flagged the same issue as a critical threat. “We saw organizations attempting to manage hundreds and thousands of critical alerts simultaneously. With such volume, prioritizing what to do next becomes challenging, causing many critical alerts to remain in the backlog for months at a time,” its report authors wrote.
Also contributing to these longer resolution times is that software is getting more complex, and analysts are having a harder time scanning their code and finding and fixing flaws. Veracode’s report shows that the time to fix software flaws has increased 47% since 2020 and that the proportion of apps with high-severity flaws has almost tripled in that time. “Finding flaws is easy these days; fixing them is where the challenge lies,” the authors wrote.
One solution, not surprisingly coming from a vendor that sells code scanning tools, is to perform more frequent application testing and scanning, along with better and more thorough security training. Another is to seek out and eliminate overall security debt, so that developers are continuously improving their code and finding these flaws.