Statistics Report: Insights and Trends in Cybersecurity

The 2022 report is our 7th edition and provides a statistical model of the most common weaknesses
faced by organizations across the globe to enable data-driven decisions
for managing risks and exposures more effectively. 

thumb-vulnerabilityThis comprehensive report analyzes the top vulnerabilities from the past year and provides valuable insights to help you better understand the threat landscape and protect your organization.

Discover the top vulnerabilities by severity, industry, and more, and gain valuable insights into the trends and patterns shaping the cybersecurity landscape. Our report is a must-read for anyone looking to stay on top of the latest security threats and trends.


Interesting Findings Include:

  • Despite patches being available, 57% of vulnerabilities found in 2021 were considered old, ranging from first discovered in 1999 to recent years.
  •  Issues regarding Rate Limiting requests, Direct object access (IDOR), and Authorization issues were more common in APIs than web applications.
  • As in previous years, Cross-Site Scripting (XSS) remained the most common high-risk issue in web applications at 49.8%.
  • Misconfiguration, broken logic, username enumeration, or insecure authentication functionality led to Broken Authentication being high on the list for 2021.
  • Cryptographic issues were prevalent across the full stack, accounting for the most common CWE discovered in 2021.
  • The report shows the most common vulnerability types that organizations tend to accept the risk posed by them, including Cross-Site Scripting, Broken Authentication, and Injection.

Get Your Copy

Edgescan requires the data you provide in order to share product information. By submitting this form, you agree to our collection and use of your information in accordance with our Privacy Policy. You may opt out at any time.



About the Vulnerability Statistic Report
Since 2015 Edgescan has annually produced the Vulnerability Statistics Report to provide a global snapshot of the overall state of cybersecurity using intelligence obtained from the Edgescan data lake. This yearly report has become a reliable source for approximating the global state of vulnerability management and enterprises security postures.
This is exemplified by our unique dataset being part of the Verizon Data Breach Report (DBIR), which is the de facto standard for insights into the common drivers for incidents and breaches today.
The vulnerability data analyzed for this report was collected from thousands of security assessments and penetration tests performed on millions of assets utilizing the Edgescan Platform. Vulnerability data was sourced from over 250 companies of various sizes, Fortune 500 to medium and small businesses, across 30 industry verticals.


Copyright © 2023 Edgescan  All Rights Reserved  |  Privacy Policy
Dublin: Unit 701 Northwest Business Park, Dublin 15, D15  CH256   |   New York: 33 West 60th Street, New York, NY 10023