Assessing Exposure & Organizational Behavior to the BlueKeep Vulnerability
Researchers at SecurityScorecard have studied the BlueKeep Vulnerability since it was first disclosed and are aware of the potential impact a BlueKeep event could have. SecurityScorecard researchers have used this event as a way to study companies’, and organizations’ response to this vulnerability over time.
A few key findings from the report:
- The majority of systems vulnerable to BlueKeep which were subsequently patched, implemented that patch within 13 days.
- The response of a company’s security/IT team to BlueKeep was generally slow or non-existent.
- SecurityScorecard’s grades positively correlate with identification of at least 1 vulnerable BlueKeep instance.