Following a penetration test or vulnerability scan, an organization will often have a handful of issues marked as low-risk. Most IT departments will be quick to mitigate high- and medium-risk vulnerabilities. However, when it comes to low-risk vulnerabilities, organizations often let the issues linger, or worse, dismiss them all together.
Believe it or not, these seemingly dismissible low-risk vulnerabilities can lead to large security breaches. From default credentials on an alarm system to an open Microsoft® share, the simplest security flaws can at times be more dangerous to an organization than a well-crafted exploit.
This white paper highlights common low-risk vulnerabilities most organizations consider non-threatening, and as a result, often fail to address in their remediation activities.