Vulnerabilities are components of code that can be exploited to negatively impact the security of data, systems, people, or IP. According to ISO/IEC 29147:2018, a vulnerability is, “a behavior or set of conditions present in a system, product, component, or service that ‘violates an implicit or explicit security policy.'”

This infographic, Vulnerability 101, answers basic questions about vulnerabilities, such as:

  • What is the cause of vulnerabilities?
  • How common are vulnerabilities?
  • How are vulnerabilities surfaced?
  • Who finds vulnerabilities?
  • How can I become more vulnerable? (JK, take that to your therapist)

If you want to learn more about vulnerability disclosure, we highly recommend the new report, The 2021 Ultimate Guide to Vulnerability Disclosure.