Application Usage & Threat Report
Real Data. Real Threats. Analyzed Together for the First Time.
The Application Usage and Threat Report is the first report of its kind to provide an analysis of enterprise application usage and the associated threat activity. The report summarizes network traffic assessments performed worldwide in more than 3,000 organizations where 1,395 applications, 12.6 petabytes of bandwidth, 5,307 unique threats and 264 million threat logs were observed.
When does 25% + 20% = 0.4%?
The answer is when it is 339 social networking, video, and filesharing applications represent 20% of the bandwidth but displayed only 0.4% of the threat logs. Make no mistake, these applications represent high risk, but the volume is low when compared to the threats found in business applications
Crunchy on the outside, tender on the inside.
Exploits are bypassing the “crunchy” exterior security and targeting enterprises’ most valued assets – their business applications. Out of 1,395 applications found, 10 were responsible for 97% of all exploit logs observed - 9 of them are business critical applications.
Malware and custom applications = the 80%-20% rule.
While small in volume, unknown/custom traffic is very high in risk, it exemplifies the 80%-20%. The highest volume of malware logs (55%) were found in custom or unknown udp – yet it represented only 2% of all bandwidth.
Hiding in plain sight.
26% of the applications (356) use SSL in some way, shape or form, many on non-standard ports: 37 hop ports, 28 use TCP/80, 20 use ports other than TCP/443.
The report highlights the challenges that security teams face – how best to allocate resources to protect the network and the data traversing it.
Application Usage and Threat Report – Regional Findings (March 2013)
Highlights of Global findings as well as the regional findings for Asia Pacific, Japan, Americas and Europe, Africa, Middle East.