Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Picus

Below you will find reports with the source of “Picus”

image from The Red Report 2025

The Red Report 2025

The Red Report 2025 focuses on the top ten most frequently observed MITRE ATT&CK techniques, presenting a roadmap for organizations to use to understand and prioritize their defenses. From process injection and credential theft to impairing defenses and data exfiltration over encrypted channels, these techniques represent the core strategies employed by todayʼs attackers to achieve their objectives.

(more available)
Added: February 12, 2025
image from The Blue Report 2024

The Blue Report 2024

This year’s report introduces results from the Attack Path Validation (APV) and Detection Rule Validation (DRV) products on the Picus platform, offering deeper observations into organizational preparedness against automated penetration tests and the effectiveness of detection rules in SIEM systems. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

(more available)
Added: August 20, 2024
image from Picus Red Report 2024

Picus Red Report 2024

Marking its fourth year of publication, the Red Report 2024 provides a critical dive into the evolving threat landscape, presenting a detailed analysis of adversaries’ most prevalent tactics, techniques, and procedures (TTPs) used throughout the past year. Conducted by Picus Labs, this annual study examines over 600,000 malware samples and assesses more than 7 million instances of MITRE ATT&CK techniques. It gives security teams invaluable insights into the techniques that pose the most critical cyber risk to organizations.

(more available)
Added: February 14, 2024
image from The Red Report 2023

The Red Report 2023

The goal of this report is to share our knowledge about the most commonly used attack techniques and their use cases, so that security teams can adopt a more threat- centric approach and prioritize threat prevention, detection, and response efforts.

(more available)
Added: February 27, 2023
image from The Red Report 2021

The Red Report 2021

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. This report also reveals that five of the top ten ATT&CK techniques observed are categorized under the TA005 Defense Evasion tactic.

(more available)
Added: May 20, 2022
© Cyentia Institute 2025
Library updated: July 5, 2025 20:08 UTC (build b1d7be4)