The Laws of Vulnerabilities 2.0



As an on demand vulnerability management solution, Qualys® has the unique ability to collect and analyze aggregate vulnerability data from thousands of real world networks, providing its customers information unavailable anywhere else.


Based on this statistically representative sample of Internet vulnerabilities, Qualys has presented and published leading vulnerability research including the well-known "Laws of Vulnerabilities". The Laws 2.0 reveals vulnerability half-life, prevalence, persistence and exploitation trends for five critical industry segments including Finance, Healthcare, Retail, Manufacturing and Services. These trends were drawn from a statistical analysis of more than 680 million vulnerabilities out of which 72 million vulnerabilities are critical, generated by 80 million scans during 2008.



The Laws of Vulnerabilities 2.0 Declarations


Laws of Vulnerabilities Research Methodology

The Laws is derived from an anonymous dataset that is not traceable to any given customer, IP address or network. The data is collected through the QualysGuard scanning infrastructure that performs over 1 billion IP audits annually. Simple counters are kept during scanning of customers' networks and the collected data is then summarized and logged daily for this research analysis.


Qualys Solutions
Qualys Community
Free Tools & Trials
Free Trial

Nothing to install or download!

1 (800) 745 4355