Our Recap of 2022

The year 2022 was a year full of change and progress for lywand. In this article, we look back on the past year and give a preview of the developments that await us in 2023.

It was an honour!

The year 2022 was a year full of change and progress for lywand. We celebrated our second founding anniversary and gained a new distribution partner.

We also extended our security audit platform with an internal audit and moved to a consumption billing model to offer our partners more flexibility and cost efficiency.

In this article, we look back on the past year and give you a preview of the developments that await us in 2023.


lywand Network: 2 distributors, 208 partners, 368 customers

On July 20th 2022, we entered into a new distribution partnership with Fokus MSP GmbH. Together with our two distribution partners Fokus MSP & Nuvias, we were able to convince a total of 208 IT service providers of lywand and win them as partners. Compared to last year, we have increased this number almost tenfold. In the meantime, the number of renovated companies has also risen to 368.

Security audits

Security audits conducted

Audits performed: 1.728 external and 11.474 internal

A total of 1,728 external security audits were carried out. Compared to the previous year, this number has increased almost sixfold, compared to a total of 308 at the end of 2021.

Since the launch of the internal audit at the end of October, 11,474 internal audits have already been carried out.

Due to the fact that external audits of the IT infrastructure take place monthly as standard, and internal audits are carried out daily on the end device, the amount of internal audits is much higher than that of external audits.

Average audit duration

Average audit duration: 600 minutes external and 9 minutes internal

The average duration of an external security audit is 10 hours, compared to the internal audit, which takes only 9 minutes for a complete check.

During the external audit, lywand performs a comprehensive check (e.g. web servers, VPN gateways, mail servers, web applications, etc.) for security vulnerabilities and possible gateways from the perspective of a potential attacker. In addition, there is an examination of whether possibly stolen company data records are in circulation on the dark net.

We have developed our own agent for the internal audit. This agent checks best practice configurations on the basis of known security vulnerabilities (CVE), as well as current patch levels on the end device. To create a foundation as broad as possible, basic security mechanisms such as Windows Firewall, current antivirus software or the use of Office macros are also checked. In addition, there is a separate assessment category of ransomware protection, which shows at a glance the exposure of the IT environment to a ransomware attack.

Vulnerabilities overview

Vulerabilities identifiable 138,6K and discovered 12,1K

Our platform distinguishes a total of 138,576 different vulnerabilities, which it checks as part of the security audits. So far, we have been able to detect around 12,113 security vulnerabilities in clients' IT infrastructures.

Gravest vulnerabilities

Among the vulnerabilities we discovered, the following five were the most serious:

  1. Missing patches

    This type of vulnerability occurs when systems or applications are not kept up to date. They can be easily exploited by hackers to gain access to systems and data.

  2. SQL Injection

    This is where malicious code input is injected into a system to gain access to databases and other systems.

  3. Outdated operating systems

    Older operating systems can be more easily exploited by hackers because they are usually no longer patched by manufacturers.

  4. Security gaps in outdated CMS systems

    Content management systems (CMS) are important for managing websites and other online resources. If they are outdated, they can be more easily exploited by hackers.

  5. Insecure authentication

    Authentication vulnerabilities can enable hackers to gain access to systems and data by pretending to be an authorized user.

Comparison to last year

Gravest vulnerabilities 2021 vs. 2022

Compared to the most serious vulnerabilities in 2021, there are some differences. In 2021, insecure or hacked passwords were the most serious vulnerability, while in 2022 it dropped out of the ranking. Vulnerabilities in outdated CMS systems were the second most serious vulnerability in 2021, while they moved down to 4th place in 2022.

In 2021, insecure file sharing systems and outdated web server software and operating systems were also in the top five most serious vulnerabilities. In 2022, however, they are no longer in the ranking. Instead, missing patches, SQL injection and vulnerabilities in outdated CMS systems have been added in 2022. Insecure authentication rounds out the current ranking of the most serious vulnerabilities.

The comparison shows that the most serious vulnerabilities can change over time. In addition, the internal audit which was launched in autumn has led to new vulnerabilities which have influenced the ranking.

Most common vulnerabilities

Among the vulnerabilities we discovered in 2022, the following five were the most common:

  1. Lack of patches

    As mentioned above, it is important to keep systems and applications up to date to avoid security vulnerabilities.

  2. SSL misconfiguration

    Secure Sockets Layer (SSL) is used to ensure the security of data transmissions over the internet. Misconfiguration of these settings can result in data being more easily intercepted by hackers.

  3. Web server misconfiguration

    Misconfiguration of the web server can result in data being more easily intercepted by hackers. It is essential that web servers are regularly checked and configured to avoid this type of vulnerability.

  4. Compromised user information

    If user information such as passwords and usernames fall into the hands of hackers, they can easily gain access to systems and cause damage. It is essential that users apply strong passwords and regularly change their passwords to avoid this type of vulnerability.

  5. Security vulnerabilities in outdated CMS systems

    As already mentioned, CMS systems are critical for managing websites and other online resources. It is indispensable that they are regularly updated to ensure that they cannot be exploited by hackers.

Comparison of gravest vs. most frequent vulnerabilities

Most frequent vs. gravest vulnerabilites

Some of the most serious vulnerabilities, such as lack of patches and security weaknesses in outdated CMS systems, are also found among the most common vulnerabilities. This means that these vulnerabilities are not only common, but also have potentially problematic consequences.

It is therefore essential to take the right measures to address vulnerabilities and take adequate measures to avoid the possibility of future ones.

Our conclusion

An eventful year 2022 lies behind us! We are on a very good path with the product development of the internal audit for SMEs, our swing to the consumption billing model and the MSSP-only approach. The current success and the great acceptance of the innovative MSSPs makes us feel highly confident for 2023.

The motivation and atmosphere in our team is extraordinary. Together with our constantly growing partner landscape, we are living our lywand DNA and helping more and more SMEs with their cybersecurity hygiene.


Our roadmap includes two major themes: cloud and network. We are working to expand our security audit platform in these areas to provide even more functionalities to our partners.

We are strongly oriented towards the needs of our partners and adjust our development focus accordingly. In this way, we want to ensure that the requirements of our partners are taken into account in the best possible way.

Thomas Haak

January 18, 2023



Might be also interesting


Why Independent Security Audits are Essential

In this article, we highlight the benefits of independent security audits and their ability to provide comprehensive assessments - a cornerstone of an effective cybersecurity strategy.

June 7, 2024
Externer Scan


Why Regular Scans of the External IT are Relevant to all Organizations

This article highlights the reasons why external audits are taking a back seat and emphasizes the critical importance of regular security audits of external systems.

May 23, 2024


Whitelabeling: The Platform in Your Own Look & Feel

Whitelabeling allows you to customize the Security Audit Platform with your own look and feel. To complete the new feature, we have added another "treat": Read-only Access.

March 21, 2024