While the number of extended internet of things security flaws reported during the first six months of 2022 was relatively unchanged from the second half of 2021, significant improvements were found in vendors' vulnerability discovery and reporting methods, according to SecurityWeek. Vendor self-disclosures displaced independent security researchers as the second most active flaw reporters for the first time, behind third-party firms, a Claroty report found. "The improvement in vendor disclosures is down to the growing maturity of the cyber/physical market," said Claroty Vice President of Research Amir Preminger. The report also showed that firmware patches rose from 21% during the second half of 2021 to 40% in the first half of 2022, indicating growing vendor maturity. "Its a continuation of a trend we've been seeing for a couple of years. Currently, it is strongest in the big cyber/physical companies such as Siemens and less so with the smaller boutique vendors," Preminger added.