SecPoint - Best IT Security
The best Innovative and powerful IT Security products

You are here: SecPoint & IT Security News

IBM Security report under criticism


IBM released its security report last week detailing the security holes found in vendor’s software. Two vendors including Google questioned the validity of the findings and pointed out inconsistencies in the report. This prompted IBM to revisit its statistics for the first half of 2010 and update its security report.

X-Force team ranks the top 10 vendors

That could not patch critical security holes

IBM’s security team called X-Force created a report ranking the top 10 vendors which were not able to patch critical security holes in their products. Google questioned the validity of the report and provided its own research on the matter.

Stack Buffer Overflow Vulnerabilities account

For a good 33% of security holes.

Apparently, the 33% of security holes that IBM was talking about was actually a miscategorised bug. The error was confused with a “Stack buffer overflow” which is a critical security flaw. The actual error was only a “Stack overflow” which may sound the same to many laymen but in actuality is a lesser security risk.

It is not the first time that Google was able to defend how their products were depicted. In 2006, Google was able to prove that it’s Goggle search ads were a victim of bad statistics concerning the click fraud issue and improved the company’s image.

What were the results of the actual report update? Google now has 0% unpatched critical security holes. It joins the ranks of Apple, which provided the standard with its 0% rating on the first report. Linux and Sun also are now critical security hole free. Only Microsoft seems to be worse off because of it actually increased its unpatched security holes to 11% from 7%. Sadly, after completing all the corrections, it turns out that the vendor with the most unpatched security holes in the first half of 2010 turns out to be the company who created the report.

This rather demonstrates that reports of this kind are not conclusive by themselves. Caution is best observed when creating these kinds of reports because rarely do reports like these have to be changed this much. That is why intelligent minds should always voice out their views and check the validity of any published report.

 

Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software

SecPoint is specialized to deliver the best IT security solutions and products.

Compatible with Product
Securely protected by SecPoint
Customer reference King Customer reference New York Customer reference ROC Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef Customer reference King Customer reference New York Customer reference Roc Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef