2022 Report Highlights Intel’s Commitment to Product Security Assurance

Rhea-AI Summary

Intel has released its 2022 Product Security Report, reaffirming its dedication to securing products. The report highlights that 93% of the 243 vulnerabilities addressed were mitigated thanks to Intel's proactive investments. Additionally, 137 vulnerabilities (56%) were identified internally by Intel staff, while 90 of the 106 vulnerabilities reported by external researchers were through Intel’s Bug Bounty program. The report underscores the importance of managing security even post-product launch and illustrates Intel's commitment to security assurance through various initiatives and strong product development practices.

Positive

• Intel's proactive investments led to addressing 93% of vulnerabilities.
• 137 of the 243 vulnerabilities were discovered internally (56%).
• 85% of vulnerabilities reported by external researchers came through the Bug Bounty program.

Negative

• None.

The report reflects Intel’s continued product security assurance investments and includes a review of vulnerabilities discovered and mitigated in 2022

SANTA CLARA, Calif.--(BUSINESS WIRE)-- Intel today published its Product Security Report for 2022, underscoring the company’s long-standing commitment to product security assurance. The fourth-annual report demonstrates that Intel’s proactive investments were responsible for finding and mitigating 93% of all vulnerabilities addressed over the past four years.

On Feb. 22, 2023, Intel published its Product Security Report for 2022, underscoring the company’s long-standing commitment to product security assurance. The fourth-annual report demonstrates that Intel’s proactive investments were responsible for finding and mitigating 93% of all vulnerabilities addressed over the past four years. (Credit: Intel Corporation)

Additional key findings from the report include:

• 93% of the 243 vulnerabilities addressed in 2022 directly resulted from Intel’s proactive investments in product security assurance.
• 137 (56%) of the 243 common vulnerabilities and exposures (CVEs) published in 2022 were discovered internally by Intel employees.
• Of the 106 vulnerabilities reported by external researchers in 2022, 90 vulnerabilities (85%) were reported through Intel’s Bug Bounty program.

According to a Ponemon study, customers prefer vendors that proactively find, mitigate and communicate security vulnerabilities. The majority of potential vulnerabilities are found and mitigated during the product development process. However, strong product security also lies in the ability to expertly manage any issues found after a product is in the market. Intel’s commitment to security assurance investments through the right people, processes and tooling span both product development and support and servicing times. This also includes dozens of hackathon events, Intel’s innovative Bug Bounty and Project Circuit Breaker programs, an industry-leading Product Security Incident Response Team (PSIRT), Security Development Lifecycle (SDL), Long-Term Retention Lab, security and academic research partners – including the first researcher-in-residence program for university professors – and, most important, Intel’s Security-First Pledge.

Attacks are becoming more sophisticated, and security cannot be taken for granted. System trust is rooted in security: If hardware isn’t secure, then a system cannot be secure. Intel’s longstanding commitment to security, both within the company and across the entire technology ecosystem, has never been stronger.

More: 2022 Product Security Report | Chips & Salsa (Video Series) | InTechnology (Podcast Series)

About Intel

Intel (Nasdaq: INTC) is an industry leader, creating world-changing technology that enables global progress and enriches lives. Inspired by Moore’s Law, we continuously work to advance the design and manufacturing of semiconductors to help address our customers’ greatest challenges. By embedding intelligence in the cloud, network, edge and every kind of computing device, we unleash the potential of data to transform business and society for the better. To learn more about Intel’s innovations, go to newsroom.intel.com and intel.com.

© Intel Corporation. Intel, the Intel logo and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230222005045/en/

Jennifer Foss

1-425-765-3485

jennifer.foss@intel.com

Source: Intel

FAQ

What are the key findings of Intel's 2022 Product Security Report?

The report indicates that 93% of vulnerabilities addressed in 2022 were due to Intel's proactive security investments, with 137 (56%) found internally and 90 out of 106 reported by external researchers via the Bug Bounty program.

How many vulnerabilities did Intel address in 2022?

Intel addressed a total of 243 vulnerabilities in 2022.

What percentage of vulnerabilities were discovered through Intel's initiatives?

93% of the vulnerabilities addressed in 2022 were mitigated through Intel's proactive security initiatives.

What is Intel's Bug Bounty program?

Intel's Bug Bounty program is an initiative that encourages external researchers to report security vulnerabilities, contributing to a significant portion of vulnerabilities identified.

When was Intel's 2022 Product Security Report published?

Intel published its 2022 Product Security Report on February 22, 2023.