Summary is AI-generated, newsdesk-reviewed
  • ThingsRecon study reveals over 800,000 high-severity issues in enterprise digital assets.
  • Digital hygiene failures include unencrypted logins, misconfigured certificates, and dangling DNS records.
  • Enterprises need continuous visibility to mitigate overlooked vulnerabilities and security risks.
Related Links

ThingsRecon, a pioneer in external attack surface discovery and supply chain intelligence, has released the results of its first industry-wide study into the state of digital hygiene across enterprises. 

The research analyzed more than 770,000 digital assets, including applications, domains, IPs, scripts, and certificates, across multiple organizations. The findings uncovered over 800,000 high-severity hygiene issues. That’s more issues than assets, meaning that on average every digital asset carried at least one serious weakness. 

Other key findings  

  • Every application checked carried more than one issue on average (110% issue density) 
  • Nearly two-thirds of domains showed multiple weaknesses (165% issue density) 
  • 1 in 3 certificates were misconfigured (33%) 

Cyber hygiene failures

DNS records were found across 6,000 applications, while nearly 1 in 5 apps carried an exploitable misconfiguration

In one organization running 2,700 applications, 21 were found exposing unencrypted login forms, leaving credentials vulnerable to interception. In another case, 1,100 dangling DNS records were discovered across 6,000 applications, while nearly 1 in 5 apps carried an exploitable misconfiguration. 

These results show that cyber hygiene failures are systemic, not isolated,” said Stephane Konarkowski, Chief Product Officer and Co-Founder of ThingsRecon, adding “From unencrypted logins to dangling DNS records, attackers don’t need advanced exploits to gain access; they just take advantage of overlooked basics.” 

Other internet-facing services

Importantly, the study only considered high-severity hygiene issues across applications, domains, and certificates. It did not include medium- and low-level hygiene issues, APIs, software and third-party components, public IP infrastructure, traditional software vulnerabilities (CVEs) or other internet-facing services. That means the true scale of unreported weaknesses is far greater than the 800,000 reported above. 

Stephane Konarkowski added: “Our findings highlight that enterprises urgently need continuous, external visibility of their digital surfaces. Even the world’s largest organizations are overlooking fundamentals that create real-world risk.”

Find out about secure physical access control systems through layered cybersecurity practices.

Related videos

Insta DomainLink Secret™

Insta DomainLink Secret™
Wan 2.2-S2V Demo Video: Female Singer

Wan 2.2-S2V Demo Video: Female Singer
Dahua MultiVision Online Event - Look Wider, Protect Deeper

Dahua MultiVision Online Event - Look Wider, Protect Deeper

In case you missed it

What Are Emerging Applications For Physical Security In Transportation?
What Are Emerging Applications For Physical Security In Transportation?

Transportation systems need robust physical security to protect human life, to ensure economic stability, and to maintain national security. Because transportation involves moving...

Gallagher's Perimeter Solutions With Fortified Partnership
Gallagher's Perimeter Solutions With Fortified Partnership

Global security manufacturer Gallagher Security is proud to announce a strategic partnership with Fortified Security, a pioneering perimeter systems integrator with over 30 years o...

Genetec's Role In Data Sovereignty For Security
Genetec's Role In Data Sovereignty For Security

Genetec Inc., the global pioneer in enterprise physical security software, highlights why data sovereignty has become a central concern for physical security leaders as more survei...

Featured white papers
The Key To Unlocking K12 School Safety Grants

The Key To Unlocking K12 School Safety Grants

Download
Honeywell GARD USB Threat Report 2024

Honeywell GARD USB Threat Report 2024

Download
Physical Access Control

Physical Access Control

Download
The 2024 State Of Physical Access Trend Report

The 2024 State Of Physical Access Trend Report

Download
The Security Challenges Of Data Centers

The Security Challenges Of Data Centers

Download
More corporate news
ROAMEO Gen 4 Deployments Boost RAD-M Growth

ROAMEO Gen 4 Deployments Boost RAD-M Growth
Audio Vivid: UWA's Milestone In Pro Tools Integration

Audio Vivid: UWA's Milestone In Pro Tools Integration
Entrust & Mastercard Boost Fraud Prevention Collaboration

Entrust & Mastercard Boost Fraud Prevention Collaboration
Featured products
Climax Mobile Lite: Advanced Personal Emergency Response System (PERS)

Climax Mobile Lite: Advanced Personal Emergency Response System (PERS)
Hanwha Vision OnCAFE: Cloud-Based Access Control for Modern Enterprises

Hanwha Vision OnCAFE: Cloud-Based Access Control for Modern Enterprises
Delta Scientific MP100 Portable Barricade Solution

Delta Scientific MP100 Portable Barricade Solution