Trend Micro's Zero Day Initiative Extends Leadership in Public Vulnerability Disclosures

ZDI increases vulnerability market coverage for fifteenth year in a row

HONG KONG SAR – Media OutReach – 3 August 2022 – Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today celebrated the success of its Zero Day Initiative (ZDI), which was responsible for nearly 64% of all vulnerabilities disclosed in 2021, according to Omdia.

To read a full copy of the report, Quantifying the Public Vulnerability Market: 2022 Edition, please visit: https://www.trendmicro.com/explore/omdia-research

Brian Gorenc, senior director of vulnerability research for Trend Micro: “Having led the charge since the very first market analysis in 2007, the ZDI has expanded its volume of vulnerability disclosures for the fifteenth successive year. Our vulnerability research is second to none globally, both pre-and post-disclosure. In the ongoing race against malicious actors, we are proud to lead the industry in helping make the digital world a safer place.”

Omdia provided an independent comparative analysis of 11 global organizations that publicly research and disclose vulnerabilities, analyzing a total of 1,543 vulnerabilities disclosed and assigned a CVE in 2021.

Of the 984 vulnerabilities submitted by Trend Micro’s ZDI, 48 were critical, 723 were classified as high severity, and 129 were medium severity.

The results show the ZDI disclosed and managed over three times more vulnerabilities than its nearest rival and remains the world’s largest vendor-agnostic bug bounty program for the 14th consecutive year.

There was also positive news for the wider industry. Every vulnerability discovered and responsibly disclosed reduces the opportunity for malicious actors to craft surprise zero-day attacks. So the year-on-year increase in the total number of vulnerabilities disclosed by all 11 vendors is to be welcomed. This figure climbed 12% from 1,378 in 2020.

Tanner Johnson, principal analyst for Omdia: “This year’s data also revealed that monitoring software was responsible for the largest number of vulnerabilities submitted. This is another positive sign, as more organizations utilize this software to identify threats faster. ”

The average impact score of vulnerabilities has also increased year-on-year over the past three years, which means that the vulnerabilities disclosed could have a bigger impact if exploited. CVEs added to the US National Vulnerability Database (NVD) hit a record high for the fifth successive year in 2021.

Hashtag: #TrendMicro

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro’s cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.