Vulnerability
What are vulnerabilities?
Vulnerabilities are components of code that can be exploited to negatively impact the security of data, systems, people, or intellectual property (IP). Vulnerabilities are often referred to as “bugs.”
What causes vulnerabilities?
Vulnerabilities can result from coding errors, from changes in the deployment environment, or from several seemingly intentional commands that combine in unintended ways.
How common are vulnerabilities?
The average software application reportedly has 15–50 bugs per thousand lines of code.
How are vulnerabilities surfaced?
Most internally developed software progresses through similar development life cycles, which include several phases of targeted testing prior to and throughout production. Unfortunately, it’s impossible to simulate every possible use case, permutation, or potential interaction in such controlled settings. Additionally, software is always evolving—expanding and contracting like a living organism to adapt to new operating environments and an ever-growing list of connected tools and services. This causes vulnerabilities to surface constantly.
Who finds vulnerabilities?
- Internal software developers
- End users
- Hackers
- Threat actors