This report specifically talks about NotPetya.

This Paper provides a breakdown of New York’s 23 NYCRR500 Financial Security requirements.

This book provides some good guidance for app security testing. It seeks to assist enterprises with solving the issues surrounding app security.

This monthly threat report takes a look at the month of February 2018. Specifically, it looks at how Agent Tesla works, cryptocurreny malware, ransomware’s refusal to die, and Turla APT updating their malware after public advisories.

In this, the eighth volume of this report, they present metrics that are based on real application risk postures, drawn from code-level analysis of nearly 250 billion lines of code across 400,000 assessmnets performed over a period of 12 months between April 1, 2016 and March 31, 2017.

This paper provides 5 key takeaways from a survey of IT professionals and executives who make software purchasing decisions for their organization.

Accenture and NowSecure, Inc. analyzed the mobile banking app threat landscape based on industry research, customer-facing mobile banking app vulnerability assessments performed by NowSecure, and Accenture’s industry knowledge and experience working with banking institutions. They collaborated to create a report that was designed to provide an understanding of the current- state security environment for customer- facing mobile banking apps, as well as answer some key questions about the state of mobile banking app security.

This Threat Report takes a look at some of the events of late 2017. Specifically, it looks at self-propagating malware, a specific Microsoft Office vuln, and multiple espionage campaigns that target energy utility companies.

The experts at TrustWave have prepared this report to outline the issues and practices for web application firewall management.

This paper discusses DevOps and the security issues related to DevOps.

This is an annual report that provides an inside look into the economics and emerging trends of bug bounties, with data collected from Bugcrowd’s platform and other sources throughout 2016. This report is published on a yearly basis for CISOs and other security decision makers to provide a transparent look at the evolving bug bounty market.

This report mines that data and details to provide an inside look to the economics and emerging trends of managed bug bounty programs.

This report seeks to clarify how app-centric security approaches can aid flexibility in a rapidly changing mobile world.

This paper seeks to aid the reader with choosing a mobile app integration solution.

Neustar’s 2015 DDoS Attacks and Protection Report spotlights the risks you face, and shows how companies throughout North America are aggressively defending themselves. The major change this year is the significant increase in the use of hybrid solutions (on-premises hardware plus cloud-based mitigation).

This report takes a look a the Trojan, Dridex.

This whitepaper provides an excellent resource for understanding SQL Injection attacks, in a web application environment.

From the report, “Application security (AppSec) is maturing for most organizations, according to the 475 respondents who took the SANS 2016 State of Application Security survey. In it, respondents recognize the need for AppSec programs and are working to improve them, despite a lack of the necessary skills, lack of funding and management buy-in, and silos between departments hampering their AppSec programs.”

This Report provides key takeaways from the vulnerability issues of 2017.

This paper offers insight into smart cities and the dangers of exposed devices on the network.

This report breaks down four strategic pillars of handling vulnerability management.