Protect against Log4J without patching
Learn More
Protect against Log4J without patching
Learn More

blogEducationalRecent NewsCyber Security Attacks Solution | Application Security | K2 Cyber Security


June 29, 2020 By Timothy Chiu, VP of Marketing
Majority of Cyber Attacks Go Undetected

A new report from Mandiant, the Mandiant Security Effectiveness Report 2020, has some interesting new statistics around cyber attacks and attack detection.  The study looked at multiple stages of attack life cycles within 11 global industries. The troubling conclusion of the new report is that within organizations, security controls are not performing as expected. There’s a significant perception versus reality problem, and while most companies are assuming that they are alerting, preventing and blocking attacks – but in actuality, they aren’t protected.

Here’s some of the top interesting statistics from the report:

  • Alerts are only generated for 9% of attacks
  • Only 26% of attacks are detected
  • Only 33% of attacks are prevented
  • Over half (53%) of attacks are missed

Overall these are some pretty scary statistics for attacks. These new statistics further bolster the need for application security that’s effective at detecting attacks, while at the same time have the least amount of false positives.  Good alerts buried in a sea of false alerts are worthless, and keeping false positives down to a minimum is critical.

K2’s runtime deterministic application security platform monitors the application and has a deep understanding of the application’s control flows, DNA and execution.  By validating the application’s control flows, deterministic security is based on the application itself, rather than relying on past attacks to determine a zero day attack.  Deterministic security results in the detection of sophisticated zero day attacks and also protects from application from the risks listed in the OWASP Top Ten.  Deterministic security has the added side benefit of reducing false positives to a minimum, because there’s no reliance on matching past attacks, and alerts are only triggered on validated attacks.

K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.

Change how you develop and protect your applications.

Find out more about K2 today by requesting a demo, or get your free trial.



Share this

Leave a Reply

Your email address will not be published. Required fields are marked *


K2 Cyber Security delivers the Next Generation Application Security Platform to secure web applications and container workloads against sophisticated attacks in OWASP Top 10 and provides exploitable vulnerability detection during pre-production. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production/QA servers for interactive application security testing to identify the location of the vulnerable code. K2’s solution generates almost no false positives, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools like Web Application Firewalls and host based EDR, finds missed exploitable vulnerabilities and dramatically reduces security cost. K2 Cyber Security is headquartered in the USA and provides cyber security solutions globally.


K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131