Together with our distribution partner Nuvias, we have convinced 21 IT service providers of the benefits of lywand and gained them as partners.
Our partners have renovated the IT infrastructure of 62 companies with lywand.
In total, 308 security audits have been performed.
The average duration of a security audit was 9.5 hours.
We checked companies with very small infrastructures (from one target) up to large organizations (941 targets).
According to the American school grading system from A-F
Of all the initial scans that were conducted, the average rating is between E and F.
A large proportion of companies (around 60 %) received the poor rating of F in the initial security scan.
Around 20 % received a rating of C.
The second poorest rating, E was obtained by 15% of the companies.
None of the companies had either an A or B rating.
The IT sector performed best, with an average rating of C.
Followed by the industry and health sectors, which achieved an average rating of D.
The transport sector received a ranking of E.
Companies from the trade and tourism sectors had the worst ratings, with an average rating of F.
The lywand scan cluster currently distinguishes 112,244 different vulnerabilities, which it examines during a security audit of the external IT infrastructure.
So far, we have been able to discover more than 6,500 vulnerabilities at our customers' infrastructures.
Our partners resolved a total of 986 vulnerabilities with 414 recommended measures.
Insecure or hacked passwords
Security vulnerabilities in outdated CMS systems (Wordpress, Joomla)
Insecure file sharing (ownCloud, QNAP)
Outdated web server software (PHP, jQuery, OpenSSL, Apache)
Outdated operating systems (Windows, Linux)
Improvement of encryption
We generally recommend using better encryption methods.
Change server configurations
We recommend small adjustments of server configurations, thereby solving vulnerabilities or making them no longer exploitable.
Outdated software versions were discovered. These should be updated to avoid known vulnerabilities in older versions.
Change of passwords (disclosed/standard)
Passwords should be changed immediately when they appear in a published data leak. Default passwords should not be used in general, and we recommend the use of a password manager.
Update of operating systems
Operating systems should be updated; in some cases, operating systems must be completely reinstalled.
Based on the results of our clients' first security checks, it is evident that we found security gaps in all cases and that the assessment was generally poor. With the help of our security checks, possible entry points for cyber criminals were discovered in time and, thanks to our partners, many of the security gaps have already been closed. As a result, the risk of (successful) cyberattacks has been significantly reduced.
Often the “small” measures that do not incur costs and are easy to implement are the ones that can quickly improve the security level. It is particularly important that security audits take place at regular intervals so that a possible deterioration of the security situation can be detected quickly.
The data from the last six months illustrate that there is still a lot of demand for awareness and room for improvement in the area of IT security – in all sectors. This encourages us to pursue our mission every day. After all, we are working towards a future where security is no privilege, in which even the smallest company can meet the highest cybersecurity standards.
We have also set ourselves big goals in 2022. We want to steadily expand our partner network in the DACH region and in the EMEA region in order to give as many companies as possible an easy entry to IT security.
In addition, our security audit platform go.lywand.com will be enlarged with the internal scan. Soon, our partners will be able to conduct an audit of their customers' internal IT infrastructure in addition to the external audit. (More to come in Q2.)
Are you pursuing the same mission as we are and would like to offer your customers a better security? In that case, become part of our partner network!
Your company also wants affordable, automated security checks for more visibility? Click the button to find a partner who renovates your IT security!
In this article, we look back on the past year and have summarised the most important things for you: newly developed features, updates on our partner network and technical insights into the security audit platform. Finally, you will find a summary of our management and an outlook for 2024.
Our security audit platform is now available to IT service providers in Austria, South Tyrol and the Eastern European region via our new distribution partner Nestec. You can find all information about the new distribution partnership in our press release.