表紙
市場調査レポート

世界の公的脆弱性調査市場分析

Analysis of the Global Public Vulnerability Research Market in 2013

発行 Frost & Sullivan 商品コード 305721
出版日 ページ情報 英文 94 Pages
納期: 即日から翌営業日
価格
本日の銀行送金レート: 1USD=102.12円で換算しております。
Back to Top
世界の公的脆弱性調査市場分析 Analysis of the Global Public Vulnerability Research Market in 2013
出版日: 2014年06月13日 ページ情報: 英文 94 Pages
概要

当レポートは世界の公的な脆弱性調査市場を精査しており、全ネットワーク・セキュリティ産業内での脆弱性調査分野が占める位置、主要な市場動向、2012年の1年間に数多く報告された脆弱性のタイプ、2012年に最も多く攻撃の的となったアプリケーション、重大な被害を受けることになった脆弱性のタイプ、脆弱性発見報償制度がセキュリティ・ベンダーの脆弱性報告数に与えた影響など詳細な分析を加えています。また、市場競争状況の分析、ならびに主要企業の企業プロファイルを提供しています。

第1章 エグゼクティブ・サマリー

  • 調査結果の要点

第2章 市場概観

  • 市場概要
  • 公的な脆弱性報告
  • 公的な脆弱性開示
  • 公的な脆弱性開示のベストプラクティス
  • 進化するアタッカー
  • 用語と定義
  • 当レポートの主眼

第3章 サイバー脅威分析およびレポーティング

  • サイバー脅威分析およびレポーティング序論
  • モノのインターネット
  • SCADA
  • ソフトウェア - Java
  • マルウェア
  • モバイルマルウェア
  • ウェブサイト
  • ウェブ・ブラウザ
  • 脆弱性とソーシャルメディア
  • マイクロソフトと脆弱性
  • セキュリティデバイスやセキュリティ機器へのアタック
  • OpenSSLのハートブリードバグ
  • セキュリティサービスベンダーやデバイスベンダーの貢献
  • サイバー脅威環境: HPの観点

第4章 ケーススタディ

  • サイバーアタックのケーススタディ: DarkSeoul
  • 脆弱性ケーススタディ: D-LinkおよびPlanexホームルーター
  • ケーススタディ: Oracle Outside In OS/2の脆弱性

第5章 公的脆弱性調査市場の市場動向

  • 年ごとの脆弱性報告数
  • 四半期ごとの脆弱性報告数
  • 市場動向
  • 脆弱性開示
  • 組織タイプ別に見た脆弱性開示

第6章 深刻度レベル別に見た脆弱性分析

  • 深刻度レベル別に見た脆弱性分析

第7章 標的とされたアプリケーション比較

  • 標的となったアプリケーション
  • 標的となったアプリケーションの分析
  • 特に数多く標的とされたアプリケーションのタイプ
  • 開示機関: ウェブブラウザーの脆弱性
  • 開示機関: サーバーの脆弱性
  • 開示機関: ビジネスアプリケーションの脆弱性
  • タイプ別標的アプリケーション分析
  • 標的とされたウェブブラウザーのタイプ
  • タイプ別標的ウェブブラウザー分析
  • 標的とされたOS
  • 標的となったOSの分析

第8章 脆弱性分析

  • 脆弱性の定義
  • 欠陥タイプ別に見た既報告脆弱性 (2012年)
  • 欠陥タイプ別に見た既報告脆弱性
  • 開示機関: バーファーオーバーフロー・エラー
  • 開示機関: コードインジェクション・エラー

第9章 市場競争分析

  • 市場競争状況分析: 検証済み脆弱性
  • 市場競争状況分析: 検証済みおよび未検証脆弱性
  • 市場競争分析: 概要

第10章 主要企業

  • Fortinet FortiGuard Labs
  • High-Tech Bridge
  • HP Security Research
  • IBM X-Force
  • Secunia
  • インタビューを行っていない主要企業

第11章 結論

第12章 付録

目次
Product Code: D565-00-07-00-00

Key Findings

  • In 2012, XXsoftware vulnerabilities were reported publicly by research organizations.
  • Software vulnerabilities form the basis of cyber attacks that resulted in more than XXmajor security breaches reported in 2012.
  • Furthermore, million new malicious software programs (also called “malware”) were identified in 2012. Malware also benefits from vulnerable computing systems.
  • Vulnerability research represents an invaluable security service considering the billions of dollars lost in data security breaches.
  • Hackers targeting media applications, business applications, and content management platforms accounted for XX% of reported vulnerabilities.
  • Individuals were responsible for XX% of vulnerabilities reported in 2012. This group was followed by security vendors, government entities, education institutions, and manufacturers, respectively.
  • The top XX targeted applications in 2012 were Mozilla Firefox, Apple QuickTime, and Microsoft Internet Explorer.
  • In 2012, The United States Computer Emergency Readiness Team (US-CERT) disclosed XX verified vulnerabilities. As a branch of the United States Department of Homeland Security (DHS), US-CERT conducts original vulnerability research and acts as a repository for vulnerability reports and analyses.

Key Questions This Insight Answers

  • Where does vulnerability research fit into the overall network security industry?
  • What are the major trends in the public vulnerability research market?
  • What type of vulnerabilities are reported the most?
  • Which applications and application types were prone to vulnerabilities in 2012?
  • What types of vulnerability errors resulted in severe impacts?
  • How do contributor compensation programs affect the number of vulnerabilities that security vendors report?

Table of Contents

1. ANALYSIS OF THE GLOBAL PUBLIC VULNERABILITY RESEARCH MARKET IN 2013

Executive Summary

  • 1. Executive Summary-Key Findings
  • 2. Executive Summary-Key Findings (continued)

Research Methodology

  • 1. Research Methodology
  • 2. Research Methodology (continued)
  • 3. Research Objectives

Market Overview

  • 1. Market Overview
  • 2. Market Overview (continued)
  • 3. Market Overview-Public Vulnerability Reporting
  • 4. Market Overview-Public Vulnerability Disclosure
  • 5. Market Overview-Best Practices Public Vulnerability Disclosing
  • 6. Market Overview-The Evolving Attacker
  • 7. Market Overview-The Evolving Attacker (continued)
  • 8. Market Overview-Terminology and Definitions
  • 9. Market Overview-Key Questions This Insight Answers

Cyber Threat Analysis and Reporting

  • 1. Introduction to Cyber Threat Analysis and Reporting
  • 2. The Internet of Things
  • 3. The Internet of Things (continued)
  • 4. The Internet of Things-Healthcare
  • 5. SCADA
  • 6. Software-Java
  • 7. Malware
  • 8. Malware (continued)
  • 9. Mobile Malware
  • 10. Mobile Malware (continued)
  • 11. Mobile Malware (continued)
  • 12. Websites
  • 13. Websites (continued)
  • 14. Web Browsers
  • 15. Vulnerabilities and Social Media
  • 16. Vulnerabilities and Social Media (continued)
  • 17. Microsoft and Vulnerabilities
  • 18. Microsoft and Vulnerabilities (continued)
  • 19. Attacks on Security Devices and Appliances
  • 20. OpenSSL Virus Heartbleed Bug
  • 21. Contributions from Security Services and Devices Vendors
  • 22. Cyber Threat Environment : HP Perspective
  • 23. Cyber Threat Environment : HP Perspective (continued)

Case Studies

  • 1. Cyber Attacks Case Study: DarkSeoul
  • 2. Vulnerability Case Study: D-Link and Planex Home Routers
  • 3. Case Study-Oracle Outside In OS/2 Vulnerability

Market Trends in Public Vulnerabilities

  • 1. Vulnerabilities Reported by Year
  • 2. Vulnerabilities Reported by Quarter
  • 3. Market Trends
  • 4. Market Trends (continued)
  • 5. Market Trends (continued)
  • 6. Vulnerability Disclosure
  • 7. Vulnerability Disclosure (continued)
  • 8. Vulnerability Disclosure (continued)
  • 9. Vulnerability Disclosure by Organization Type
  • 10. Vulnerability Disclosure by Organization Type (continued)
  • 11. Vulnerability Disclosure by Organization Type (continued)

Analysis of Vulnerabilities by Severity

  • 1. Analysis of Vulnerabilities by Severity
  • 2. Analysis of Vulnerabilities by Severity (continued)
  • 3. Analysis of Vulnerabilities by Severity (continued)
  • 4. Analysis of Vulnerabilities by Severity (continued)
  • 5. Analysis of Vulnerabilities by Severity (continued)
  • 6. Analysis of Vulnerabilities by Severity (continued)
  • 7. Analysis of Vulnerabilities by Severity (continued)
  • 8. Analysis of Vulnerabilities by Severity (continued)
  • 9. Analysis of Vulnerabilities by Severity (continued)

Comparison of Targeted Applications

  • 1. Targeted Applications
  • 2. Analysis of Targeted Applications
  • 3. Top Targeted Types of Applications
  • 4. Disclosing Institutions: Web Browser Vulnerabilities
  • 5. Disclosing Institutions: Media Applications Vulnerabilities
  • 6. Disclosing Institutions: Server Vulnerabilities
  • 7. Disclosing Institutions: Business Applications Vulnerabilities
  • 8. Analysis of Targeted Applications by Type
  • 9. Analysis of Targeted Applications by Type (continued)
  • 10. Analysis of Targeted Applications by Type (continued)
  • 11. Targeted Web Browser Type
  • 12. Targeted Web Browser Type (continued)
  • 13. Analysis of Targeted Web Browser Type
  • 14. Targeted Operating Systems
  • 15. Analysis of Targeted Operating Systems

Vulnerability Analysis

  • 1. Vulnerability Definitions
  • 2. Vulnerability Definitions (continued)
  • 3. Vulnerabilities Reported by Flaw Type (For 2012)
  • 4. Vulnerabilities Reported by Flaw Type
  • 5. Disclosing Institutions: Buffer Overflow Errors
  • 6. Disclosing Institutions: Code Injection Errors
  • 7. Top Impact Type
  • 8. Top Impact Types (continued)
  • 9. Analysis of Impact Types

Competitive Analysis

  • 1. Competitive Analysis Verified Vulnerabilities
  • 2. Competitive Analysis Verified Vulnerabilities (continued)
  • 3. Competitive Analysis Verified Vulnerabilities (continued)
  • 4. Competitive Analysis Verified and Unverified Vulnerabilities
  • 5. Competitive Analysis Overview

Market Participants

  • 1. Fortinet FortiGuard Labs
  • 2. Fortinet FortiGuard Labs (continued)
  • 3. High-Tech Bridge
  • 4. High-Tech Bridge (continued)
  • 5. HP Security Research
  • 6. HP Security Research -Zero Day Initiative
  • 7. HP Security Research (continued)
  • 8. IBM X-Force
  • 9. IBM X-Force (continued)
  • 10. Secunia
  • 11. Secunia (continued)
  • 12. Market Participants Not Interviewed

Conclusions

  • 1. Conclusions
  • 2. Certification

Appendix

  • 1. Vulnerability Database Sources (for 2013)
  • 2. List of Publications Cited in This Report
  • 3. Legal Disclaimer

The Frost & Sullivan Story

  • 1. The Frost & Sullivan Story
  • 2. Value Proposition: Future of Your Company & Career
  • 3. Global Perspective
  • 4. Industry Convergence
  • 5. 360° Research Perspective
  • 6. Implementation Excellence
  • 7. Our Blue Ocean Strategy
Back to Top