Cyentia Cybersecurity Research Library

Application Security

Below you will find reports with the tag of “Application Security”

2024 Software Vulnerability Snapshot

The findings provide insights into the current state of security for web-based applications and systems, and the potential impact of security vulnerabilities on business operations in high-risk sectors. The report examines how DAST offers a crucial complement to other security testing methods, such as static application security testing (SAST) and software composition analysis (SCA), and provides a unique perspective on application security by mimicking real-world attack scenarios.

Added: February 19, 2025

The State of ASPM 2025

This year’s findings provide a deeper look into the critical challenges and opportunities shaping application security as organizations grapple with growing attack surfaces, tool sprawl, and the rapid adoption of generative AI.

Added: December 19, 2024

The 2024 Tidelift State Of The Open Source Maintainer Report

This is the sixth year in a row Tidelift has conducted a survey about open source and the third time it focused exclusively on the maintainers who create and maintain the open source projects we all depend on. The most cited stat from that previous survey was that 60% of maintainers described themselves as unpaid hobbyists. We asked the same question again this year to see if things had changed.

Added: September 24, 2024

OWASP MASVS Benchmark Report

OWASP MASVS sets a minimum bar for mobile app developers to follow when building apps securely and provides security teams with the ideal testing strategy as part of the organization’s proof of controls. NowSecure benchmark mobile application security testing analysis shows 95% of nearly 6,500 leading mobile apps fail at least one of the seven OWASP MASVS categories.

Added: September 4, 2024

2024 State of Software Supply Chain Security

To understand the current state of software supply chain security (SSCS) we surveyed 900 AppSec professionals in US, Europe and APAC based organizations across a wide range of industries. The findings show an increased sense of awareness with more than half of respondents acknowledging that SSCS is a top or significant area of focus. However, only 7% have already purchased and implemented an SSCS-specific product.

Added: August 21, 2024

SANS Application & API Security Survey 2024

In this report, one clear finding from the survey was that it is important to test throughout the application lifecycle using a variety of methods. Although testing early continues to be important, having visibility into and being able to monitor and test deployed applications is still critical. Although security testing capabilities have also improved, the value of individual testing capabilities has changed in response to increased threats and changing application architectures.

Added: August 10, 2024

The 2022 Attack Resistance Report

Several trends in the way we work and consume technology have resulted in an ever-expanding cyberattack surface for organizations of all sizes. Comprehensive digital transformation across enterprises, the rise in cloud adoption, the normalization of working from anywhere, and Internet of Things (IoT) initiatives have resulted in an explosion of new applications, along with an increased rate of iterations and updates.

Added: May 31, 2024

Hacker-Powered Security Report: Industry Insights '21

HackerOne’s Hacker-Powered Security Report: Industry Insights leverages data from real-world vulnerability reports to provide insight into the fastest-growing vulnerability categories, how bounty prices are changing year over year, and which industries are fastest to fix. The most innovative CISOs stay ahead of cybersecurity threats and mitigate vulnerabilities by augmenting internal teams and security testing tools with a skilled and engaged hacking community.

Added: May 22, 2024

2024 State of Software Security Report

This report represents organizations that are proactively integrating tools like Veracode into their AppSec programs. Organizations without scanning integrated into their development processes will likely have a higher prevalence of security flaws than shown here. The results do show a steady downward trend over the last eight years. We’re particularly encouraged to see that the prevalence of high-severity flaws has dropped to half of what it was back in 2016.

Added: May 2, 2024

2024 Secure Cloud Networking Field Report

This survey conducted by Aviatrix explores the trends impacting global cloud, networking, and security practitioners, and how they’re impacting the bottom line for enterprises worldwide. This report will look more closely at the causes and impacts of these findings, as well as recommendations for improving enterprise and industry outcomes in the future.

Added: April 22, 2024

The State of Security Observation 2023

Security Observability is a technique of using logs, metrics, and traces to infer risk, monitor threats, and alert on breaches. It is a critical technique for security professionals to embrace. Security professionals use observation of system behavior to detect, understand, and stop new, unknown attacks. The Observe Data Lake approach gives customers the power they need to see how systems and people interact over time. Better security for less spend with Observe. We’ve been surveying the Observability field for years at Observe via our State of Observability Report, but this year is our first survey to focus on Security Observability. We talked to 500 security professionals to understand their current approach to security and how it’s intersecting with observability.

Added: April 12, 2024

State of the Cybersecurity Attack Surface - October 2023

In our third State of the Cybersecurity Attack Surface report, we continue to see enterprises struggle with many of the same issues they’ve been grappling with—they are blind to IT assets missing endpoint protection, patch management, and, as we now include in this report, vulnerability management. “Stale” IT assets continue to proliferate across corporate networks. Organizations are unnecessarily paying for unused licenses while facing budget cuts and economic challenges.

Added: April 6, 2024

The State of Secrets Sprawl 2024

Our research sheds light on a concerning trend: 90% of exposed valid secrets remain active for at least five days after the author is notified. This finding emphasizes a crucial lesson in code security: while detecting vulnerabilities is critical, the real challenge lies in remediation. Security, we believe, must be a shared responsibility across all stages of the Software Development Life Cycle (SDLC), not just the domain of specialized teams. Raising awareness about these seemingly minor lapses is essential for mitigating supply chain risks.

Added: March 23, 2024

The Future of Application Security 2024

The third annual Future of Application Security survey reveals how key stakeholders are responding to this challenge. We surveyed 1504 developers, CISOs, and AppSec managers from a broad range of industries across the US, Europe, and Asia-Pacific regions. The responsibility has shifted away from dedicated security teams and is now shared between AppSec managers and developers.

Added: March 5, 2024

2024 Open Source Security and Risk Analysis Report

This report uses data from the Synopsys Black Duck Audit Services team’s analysis of anonymized findings from 1,067 commercial codebases across 17 industries during 2023. The Audit Services team has helped security, development, and legal teams around the world strengthen their security and license compliance programs for over 20 years. The team audits thousands of codebases for our customers each year, with the primary aim of identifying software risks during merger and acquisition (M&A) transactions.

Added: March 5, 2024

2024 State of IT Operations Report

In this year’s report, 500 U.S.-based ITOps professionals express how automation increases their IT agility, reducing costs and enhancing endpoint management capabilities. The report also reveals that less than half (44%) of organizations have high ITOps agility, with the most agile showing mature uses of AI and workflow automation tools.

Added: February 22, 2024

H1'2023 Automotive Cyber Trend Report

In this report, we’ll discuss three automotive-related cybersecurity emerging risks we’ve identified in 2023, arising from the rapid proliferation of SDVs. Growth in backend attacks allowing access to sensitive vehicle data and controls, the ever-evolving SBOM and the critical role it plays in enhancing automotive threat intelligence and cyber are on the rise in the agriculture, construction, and heavy machinery industries that are fast to adopt software-defined and autonomous capabilities.

Added: December 15, 2023

Software Supply Chain Security Risk Report

In April 2023, ReversingLabs partnered with Dimensional Research to survey 321 security and IT professionals on their software supply chains for its report, “Software Supply Chain Security Risk Survey.” This analysis presents key findings and actionable recommendations for security organizations in four key areas: traditional applications security shortcomings, software supply chain complexity and security, security in software development and enterprise-wide security risks.

Added: November 6, 2023

The 2023 Cybersecurity Research Report

The objective with this research was to gather the perspectives and priorities of global IT leaders who are considering leveraging cybersecurity best practices to spur growth in their organizations. Through the survey, we were able to pinpoint areas of investment, operational challenges and potential threats while gauging an outlook on the future.

Added: October 18, 2023

Coalfire's 5th Annual Penetration Risk Report

Coalfire’s 5th Annual Penetration Risk Report confirms that enterprise security teams in key industry sectors are starting to embrace continuous penetration testing as a core component of a comprehensive defensive strategy. The report reveals gaps on an expanding attack surface, showing that organizations face ever-greater difficulties mitigating modern attacks.

Added: September 26, 2023

2023 State of Mobile App Security

Today’s apps are multifunctional, combining communication, collaboration, and commerce. The fragmentation of mobile devices, cloud computing, and third-party components and services have changed how apps store, transmit, and process data. As a result, sensitive information is at risk thanks to the expansion of the attack surface and the rapid evolution of threats.

Added: September 21, 2023
© Cyentia Institute 2025
Library updated: June 21, 2025 12:08 UTC (build b1d7be4)