SOURCE: eEye Digital Security

eEye Digital Security

December 07, 2010 09:00 ET

eEye Research Reveals Top Vulnerability and Compliance Management Trends, Challenges for 2011

1,963 Survey Respondents, Plus Research With Customers, Prospects and Analysts, Reveals Compliance Demands Lion's Share of IT Security Teams' Time

PHOENIX, AZ--(Marketwire - December 7, 2010) - eEye Digital Security, a provider of IT security and unified vulnerability management solutions, today announced availability of its 2011 Vulnerability Management Trends Research Report, providing insight, answers and awareness for the most pressing issues in vulnerability and compliance management today. The report revealed that hundreds of applications are deployed in today's enterprise and government environments, 60 percent of respondents' organizations have unpatched vulnerabilities in up to 25 percent of their applications, and regulatory compliance is demanding as much as 50 percent of IT security teams' work weeks. These conclusions are among many drawn from extensive research that included a 1,963-respondent survey; conversations with customers, prospects and analysts; and interactions with security industry leaders. The survey included responses from IT security pros -- from C-level executives to managers -- employed in enterprises from all Fortune levels and in a wide range of industries. The report is available free on the eEye website at

"Our research indicates that more-efficient vulnerability and compliance management processes are needed for organizations of all sizes and in all industries," said Brad Hibbert, eEye vice president of strategy. "This research, along with our investment in engineering, research and development, is allowing us to provide customers with solutions that let them address stringent compliance demands without sacrificing security."

eEye leveraged the research findings to contribute to the development of its newest product version, Retina CS 2.0, announced today in conjunction with the report. Report conclusions were also based on research that included the 1,963-respondent survey. Statistical highlights from the survey revealed the following:

  • Regulatory compliance burdens IT teams -- 85 percent of respondents feel the impact of regulatory compliance and industry standards including ISO, PCI DSS and HIPAA (and in the majority of cases, responds said they feel the impact of multiple standards). Efficiently managing compliance is a challenge, with 50 percent of respondents stating that regulatory compliance initiatives take up to 50 percent of their work weeks.

  • IT security manages vulnerabilities across hundreds of applications -- 73 percent of respondents' organizations have as many as 100 applications deployed; 18 percent have more than 200 deployed.

  • Zero Day identification is difficult -- the survey showed that on a scale of 1 to 5, with 5 being most difficult, 81 percent ranked the degree of difficulty of Zero Day identification as between 3 and 5; 20 percent ranked it as a 5.

  • Application vulnerabilities need more of IT's attention -- 60 percent of respondents indicated that as many as 25 percent of their applications have unpatched vulnerabilities.

  • Personnel shortages, mobile computing and Zero Days challenge patching processes -- when it comes to patching vulnerabilities, 31 percent stated they did not have enough personnel, 18 percent stated they did not have an integrated vulnerability scanning and patching solution, and 13 percent said their scanning solution could not recognize Zero Day vulnerabilities. Sixteen percent of respondents said their solution could not effectively patch remote devices and distributed networks.

About eEye Digital Security
Since 1998, eEye Digital Security has made vulnerability management simpler, less expensive and more effective by providing the only unified vulnerability and compliance management solution that integrates assessment, mitigation and protection into a complete offering. With a proven history of innovation, eEye has consistently been the first to uncover critical vulnerabilities and prevent their exploit. eEye leverages its world-renowned research to create award-winning solutions that strategically secure critical IT assets and the data they hold. Thousands of mid-to-large-size private-sector and government organizations, including some of the most complex IT environments in the world, rely on eEye solutions to protect against the latest known, unknown and zero-day vulnerabilities. See more at

Follow eEye Digital Security

Contact Information

  • Contact:
    Joe Franscella
    Trainer Communications
    Email Contact