Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Tenable

Below you will find reports with the source of “Tenable”

image from Tenable's 2020 Threat Landscape Retrospective

Tenable's 2020 Threat Landscape Retrospective

Tenable Research takes that approach to equip our customers and the industry at large with the tools, awareness and intelligence to effectively reduce risk. To further those goals, SRT has complied this 2020 Threat Landscape Retrospective, which offers both a macro look at the trends that shaped the year as well as the detailed compendium of key vulnerabilities. The insights and data provided in these pages are designed to help cyber defenders learn from the past in order to build cybersecurity strategies that protect critical infrastructures, supply chains and data while respecting privacy.

(more available)
Added: March 7, 2023
image from The Ransomware Ecosystem

The Ransomware Ecosystem

Our goal with this report is to help demystify the ransomware ecosystem by exploring the key players involved, as well as the techniques and tactics utilized by ransomware operations and their affiliates to infiltrate organizations and distribute ransomware payloads. We also provide a list of the most common vulnerabilities likely to be exploited as part as a ransomware attack, to help security practitioners prioritize remediation.

(more available)
Added: March 6, 2023
image from Meta - Curious Organizations Relay Cybersecurity Concerns Even As They Plunge Into Virtual Worlds

Meta - Curious Organizations Relay Cybersecurity Concerns Even As They Plunge Into Virtual Worlds

The study, conducted by Opinion Matters on behalf of Tenable, surveyed 1,500 professionals representing roles in cybersecurity, DevOps and IT engineering. The study offers insights into what organizations perceive as the greatest risks and reward of investing in the metaverse and the level of development required to take such as major step safely.

(more available)
Added: March 6, 2023
image from Tenable 2022 Threat Landscape Report

Tenable 2022 Threat Landscape Report

Tenable’s Security Response Team (SRT) continuously monitors the threat landscape throughout the year, putting us at the forefront of trending vulnerabilities and security threats. From this vantage point, we complied and categorized our data from this annual report. In a year marked by tense geopolitics, hacktivism, ransomware and attacks targeting critical infrastructure - all alongside a turbulent macroeconomic environment - organizations struggled to keep pace with the demands on their cybersecurity teams and resources.

(more available)
Added: March 6, 2023
image from Tenable's 2021 Threat Landscape Retrospective

Tenable's 2021 Threat Landscape Retrospective

The goal of this report is to help defenders understand the fulls cope of today’s modern attack surface so they can continue to refine their cybersecurity strategies and reduce risk. In this report, we explore the most notable vulnerabilities of the year and how they were used in attack chains, with specific focus on the value of Active Directory to threat actors.

(more available)
Added: December 16, 2022
image from The Risk of the Business-Aligned Security Executive

The Risk of the Business-Aligned Security Executive

A survey of 416 security and 425 business executives, combined with telephone interviews of five business and security executives to explore the strategies and practices and medium and large enterprises. Covers board level visibility, explaining the company’s risk posture, risk management, and the role of cybersecurity in business strategy.

(more available)
Added: August 5, 2020
image from Persistent Vulnerabilities, Their Causes and the Path Forward

Persistent Vulnerabilities, Their Causes and the Path Forward

Covers the long tail of vulnerability patching, whereby vulnerabilities that are not fixed soon after detection can linger for months or more before being addressed. Makes the case for better prioritization mechanisms.

(more available)
Added: June 5, 2020
image from How Lucrative are Vulnerabilities? A Closer Look at the Economics of the Exploit Supply Chain

How Lucrative are Vulnerabilities? A Closer Look at the Economics of the Exploit Supply Chain

this report t explores the vulnerability-to-exploit (V2E) cybercrime and cybersecurity supply chain, outlines the players in the different market segments and provides insights into the related economic drivers.

(more available)
Added: November 26, 2019
image from Predictive Prioritization: Data Science Lets You Focus On the 3% Of Vulnerabilities Likely To Be Exploited

Predictive Prioritization: Data Science Lets You Focus On the 3% Of Vulnerabilities Likely To Be Exploited

This technical whitepaper explains the challenges cybersecurity professionals face, how they’re prioritizing vulnerabilities today and how they can dramatically improve cyber risk management with Predictive Prioritization – the process of re-prioritizing vulnerabilities based on the probability that they will be leveraged in an attack.

(more available)
Added: July 10, 2019
image from Help America Vote Act (HAVA) Funding and Critical Infrastructure Security

Help America Vote Act (HAVA) Funding and Critical Infrastructure Security

This report offers insights and guides into the new Help America Vote Act.

Added: February 12, 2019
image from Quantifying The Attacker's First-Mover Advantage

Quantifying The Attacker's First-Mover Advantage

This report measures the difference in days between when an exploit for a vulnerability becomes publicly available (Time to Exploit Availability) and when a vulnerability is first assessed (Time to Assess). A negative delta indicates that the attacker has an opportunity to exploit a vulnerability before the defender is even aware of the risk. The sample set used for this analysis is based on the 50 most prevalent vulnerabilities from nearly 200,000 unique vulnerability assessment scans.

(more available)
Added: February 12, 2019
image from Cyber Defender Strategies: What Your Vulnerability Assessment Practices Reveal

Cyber Defender Strategies: What Your Vulnerability Assessment Practices Reveal

In this report we analyze real-world end-user vulnerability assessment (VA) behavior using a machine learning (ML) algorithm to identify four distinct strategies, or “styles.” These are based on five VA key performance indicators (KPIs) which correlate to VA maturity characteristics. This study specifically focuses on key performance indicators associated with the Discover and Assess stages of the five-phase Cyber Exposure Lifecycle. During the first phase – Discover – assets are identified and mapped for visibility across any computing environment. The second phase – Assess – involves understanding the state of all assets, including vulnerabilities, misconfigurations, and other health indicators. While these are only two phases of a longer process, together they decisively determine the scope and pace of subsequent phases, such as prioritization and remediation. The actual behavior of each individual enterprise in the data set, in reality, exhibits a mixture of all VA Styles. For the purposes of this work, enterprises are assigned to the specific style group with which they most closely align. We provide the global distribution of VA Styles, as well as a distribution across major industry verticals.

(more available)
Added: February 12, 2019
image from 2018 Application Security Report

2018 Application Security Report

This report is based on the results of a comprehensive online survey of 437 cybersecurity professionals conducted from June through August 2018 to gain deep insights into the latest application security threats faced by organizations and the solutions to prevent and remediate them. The respondents range from executives to managers and IT security practitioners. They represent organizations of varying sizes across many industries.

(more available)
Added: February 12, 2019
image from Measuring & Managing the Cyber Risks to Business Operations

Measuring & Managing the Cyber Risks to Business Operations

Measuring & Managing the Cyber Risks to Business Operations, which was sponsored by Tenable and conducted by Ponemon Institute, reveals global trends in how organizations are assessing and addressing cybersecurity risks. We conclude from the findings that current approaches to understanding cyber risks to business operations are failing to help organizations minimize and mitigate threats. We surveyed 2,410 IT and IT security practitioners in the United States, United Kingdom, Germany, Australia, Mexico and Japan. All respondents have involvement in the evaluation and/or management of investments in cybersecurity solutions within their organizations. The consolidated global findings are presented in this report.

(more available)
Added: December 14, 2018
image from Vulnerability Intelligence Report

Vulnerability Intelligence Report

In this report, they provide an overview of current vulnerability disclosure trends and insights into real-world vulnerability demographics in enterprise environments. they analyze vulnerability prevalence in the wild, based on the number of affected enterprises, to highlight vulnerabilities that security practitioners are dealing with in practice - not just in theory.

(more available)
Added: November 16, 2018
image from Trends In Security Framework Adoption

Trends In Security Framework Adoption

This report, is based on a survey of 338 IT and security professionals in the US. The goal of the survey was to quantify adoptions of security frameworks.

(more available)
Added: October 26, 2018
image from 2017 Global Cybersecurity Assurance Report Card

2017 Global Cybersecurity Assurance Report Card

A survey-based report of over 700 individuals. The survey and resulting analysis was perfomed by CyberEdge.

Added: October 25, 2018
image from Using Security Metrics to Drive Action

Using Security Metrics to Drive Action

An Annual Showcase of Data Breaches.

Added: October 13, 2018
image from 2016 Global Cyersecurity Assurance Report Card

2016 Global Cyersecurity Assurance Report Card

“The objective of this inaugural Tenable Network Security research study is to measure how enterprise IT security professionals view their organization’s ability to assess cybersecurity risks and to mitigate threats that can exploit those risks. In doing so, Tenable has developed the industry’s first Global Cybersecurity Assurance Report Card, which assigns indices and grades to responding organizations globally, by country, and by industry based on the responses of the security practitioners themselves.”

(more available)
Added: October 12, 2018
© Cyentia Institute 2025
Library updated: July 9, 2025 00:09 UTC (build b1d7be4)