When vulnerabilities influence product usage, Microsoft Exchange Server edition with @shodan data.
272k OWA servers when ProxyLogon RCE vuln was revealed. With follow-on vulns ProxyShell and ProxyNotShell, numbers fell to 96k and still falling.
It's not a problem for Microsoft as they converted most of those customers to M365 subscriptions.
But I'm going through products with high profile RCE vulns, and basically customers are fleeing them. Threat actors are apex competitors.
It's kinda curious as, if you look at businesses, they are super hot on business intelligence (Microsoft knew everything about their competitors and how to suppress them, as an example).
But when a threat actor arrives with a vuln, many orgs just issue a CVE and pretend nothing is happening.
This isn't a dig at MS btw, as they're actually really good with high profile vulns in their own on-prem products nowadays overall - they'll frequently give extensive details to hunt on.
Other vendors should learn from that.
@GossiTheDog Isn’t Microsoft trying to deprecate their own on-prem products and get everyone to be on their cloud products though for those sweet subscription fees?
@MisuseCase yep. You'll notice there's no guidance on cloud solutions for the same vulns XD
@GossiTheDog the problem we have here in Switzerland is that every federal entity like a city can’t use 365 because of our data protection law
@buherator @GossiTheDog IIRC Microsoft’s stocks have gone up since they started aggressively moving to a subscription-based model for everything.
@buherator @MisuseCase Netscaler owners aren’t on the stock market.
It goes deeper than two products, the key on-prem ones are getting impact in usage.
@buherator @GossiTheDog Oh sorry I did not sleep well and haven’t had coffee yet.
@buherator @MisuseCase they stopped trading in 2022.
@buherator @GossiTheDog @MisuseCase tbf stocks are a nonsense metric for business health anyway. it's all fickle whims and vibes. companies can post record losses after years of consistent unprofitability and the stock drops for all of five minutes, only to go straight back up and then some because the news cycle moved on, people buy the dip, trading makes it look desirable, trading tipsters start mentioning it, and it rebounds.
@buherator @GossiTheDog @MisuseCase the one that always gets me is when you have a company that's facing an existential legal challenge over worker rights or malpractice or something else horrible, and the stock goes *up* because they're in the news and investors view them as being unilaterally profit-focused and unencumbered by morality.
@GossiTheDog @MisuseCase Competitive factors notwithstanding, this is also symptomatic in most problem solving.
Companies are great at band-aids and containment.
They're terrible at root cause analysis and corrective action.
They're truly awful at prevention.
For me, another reminder of what a cybersecurity expert taught me in 2022 - if you want secure code, write quality code.