This report demonstrates the impact of Intel’s active investments in product
security assurance.
Intel released the results of its 2023 Product Security Report. Proactive investments accounted for 94% of its vulnerability disclosures in 2023, the highest in five years.
“Intel believes a transparent approach to security is the only way to truly empower customers while delivering product innovations that build defences at the foundation. Protecting workloads while accelerating software resilience is key to pushing the boundaries around how we define what is and what is not secure. Working with our customers and industry partners through key security assurance practices enables us to achieve the levels of secure performance people expect and deliver technology they trust.”
– Greg Lavender, Intel executive vice president, chief technology officer and general manager of the Software and Advanced Technology Group
In the past year, Intel addressed 353 vulnerabilities, while a record 256 researchers engaged in its Bug Bounty program (up from 181 in 2022), including an elite community of ethical hackers through Project Circuit Breaker. Companies, like Intel, who have prioritised these initiatives for years remain at the forefront of security and innovation. Their efforts combat modern cyberthreats for the betterment of the entire ecosystem and provide the first line of defence for customers. They also produce tangible security benefits; the report found that AMD reported three times more platform firmware vulnerabilities than Intel in 2023.
Recommended : Untraditional Ways To Discover Tech Talent And Promising Software Projects
Key Findings from the Report:
- Intel achieved a combined 39% reduction in hardware and firmware vulnerabilities in 2023 compared with 2022.
- Compared with 2022, there was a decrease in firmware vulnerabilities (38% fewer), a decrease in hardware vulnerabilities (47% fewer) and an increase in software vulnerabilities (208% more), which is attributed to the growth of Intel’s Bug Bounty and security researcher engagement programs.
- Of the 353 vulnerabilities that were addressed in 2023, 256 were in software.
- In 2023, 89% of common vulnerabilities and exposures (CVEs) reported by external sources qualified for a bounty and a record 256 researchers engaged in Intel Bug Bounty programs.
- In 2023, AMD had more than 3.5 times as many vulnerabilities in its Chain of Trust/Secure Boot firmware components and features than Intel.
Product security assurance at Intel is an investment in people, processes, and tools extending from initial product development to the end of the product life cycle. It means that
customers can feel confident in Intel’s Security-First Pledge and that we actively work to deliver security without sacrificing performance.
Latest HRtech Interview Insights : HRTech Interview With Tommy Barav, Founder And CEO At TimeOS
[To share your insights with us, please write to pghosh@itechseries.com ]