In this edition of the State of the Internet/Security (SOTI) report, we continue to research the array of attacks observed in web applications and API, their impacts on the organization, and how vulnerabilities figure in the API landscape. Our goal is to illustrate the dangers posed by the web application and API attacks, with recommendations on how to successfully defend your network against such attacks.

The FutureSec State of Security Report 2023 is a comprehensive analysis of the current state of cybersecurity, highlighting the challenges and trends in the industry. The report reveals the increasing sophistication of cybercriminals and the emerging threat of cyber-warfare and cyberterrorism. With a significant shortage of skilled cybersecurity professionals, organizations are struggling to keep up with the rising threats and costs of data breaches. The report further discusses the concept of zero trust and how Softchoice can work with organizations from consultation to implementation to optimization. Download the report now to learn about the latest developments in cybersecurity and how to protect your organization.

The report provides an overview of the current supply chain cybersecurity practices followed by essential and important entities in the EU, based on the results of a 2022 ENISA study which focused on investments of cybersecurity budgets among organizations in the EU. The report also gathers good practices on supply chain cybersecurity derived from European and international standards. It focuses primarily on the supply chains of ICT or OT.

For the last eight years, we’ve produced the State of DevOps report, hearing from over 33,000 professionals worldwide. We’ve outlined the DevOps practices that drive successful software delivery and operational performance, with a deep focus on security for the 2022 report.

Our annual survey is an opportunity to see where teams are succeeding with DevSecOps and where they might be struggling. Second, by capturing trends and movement in this market, we hope to give software development teams — from individual contributors to executives — insight into how to get the most out of their DevSecOps investments. This year’s survey respondents offered their views against the backdrop of a growing set of macroeconomic influences.

In this latest edition of the Invicti AppSec Indicator, we asked development and security practitioners how they deal with all the excess AppSec noise in the face of relentless pressure to deliver business-critical software on time without compromising security.

In our bi-annual AppSec Indicator report, we uncover insights and trends to guide best practices in vulnerability identification and remediation. For this year’s Spring edition of the Invicti AppSec Indicator, we analyzed data from 1.7 million scans conducted by the 1,700 customers that use our cloud dynamic application security testing (DAST) offering, representing approximately half of our entire customer base.

The purpose of our research is to raise awareness of the CISA KEV catalog and understand how many of these vulnerabilities are under active exploitation so that organizations can take action against their risk. In our research, we relied on the CISA KEV catalog, a notable source of information regarding vulnerabilities actively exploited in the wild. We analyzed the common vulnerabilities and exposures (CVEs) using GreyNoise and other resources and found the attack surface in the past and present.

In this report, we analyze data from Dark Reading’s survey that shows how security teams are struggling to keep up with the transformational changes to their business model and infrastructure. Many are partnering with security service providers, but they often struggle to get the most value from these partnerships. We show how organizations can optimize - and get the most out of - the relationships with their security solution provider partners.

In its 8th edition this year, the 2023 “Open Source Security and Risk Analysis” (OSSRA) report delivers our annual in-depth look at the current state of open source security, compliance, licensing, and code quality risks in commercial software. We share these findings with the goal of helping security, legal, risk, and development team better understand the open source security and license risk landscape.

CyberEdge’s annual Cyberthreat Defense Report (CDR) plays a unique role in the IT security industry. Other surveys do a great job of collecting statistics on cyberattacks and data breaches and exploring the techniques of cybercriminals and other bad actors. Our mission is to provide deep insight into the minds of IT security professionals.

In this report, we update the research summarized in the Capstone Report with current job opening data to compare the civilian cybersecurity and IT workforces with those in the U.S. government and the private sector. We also extend the DoD-private industry comparison research summarized in the Capstone Report by further examining the proportion of workers across a common taxonomy of cyber work roles, salaries paid across work roles, and demand for these jobs. Thus, this report both updates and expands upon the research presented in the Capstone Report.

This report is based on data gathered from billions of containers, thousands of cloud accounts, and hundreds of thousands of applications that our customers operated over the course of the last year. Our findings provide signs of hope for overburdened developers, as the data showed opportunities to focus remediation efforts on vulnerable packages loaded at runtime.

The goal of this Trend Report is to equip developers with the tools, best practices, and advice they need to help implement security at every stage of the SDLC.

The 2021 Cloud Security Report has been produced by Cybersecurity Insiders to explore how organizations are responding to the evolving security threats in the cloud and the continues shortfall of qualified security staff.

The 2021 Identity and Access Management Report reveals the increasing importance of managing access as part of an organization’s overall risk management and security posture in the new normal of hybrid work locations. The report highlights what is and what is not working for security operations teams in securing access to sensitive data, systems, and applications.

This report reveals that the expanded use of applications for business-critical applications, combined with the increased pace of application changes that come with DevOps methodologies, has created security challenges for organizations.

The 2022 State of Passwordless Security Report is based on a comprehensive survey of 411 technology professionals to explore the state of conventional and passwordless authentication, key drivers and barriers to adoption, and organizations’ technology preferences. Respondents range from technical executives to IT security practitioners, representing a cross-section of organizations of varying sizes across multiple industries.

The Google Cloud Threat Horizons Report brings decision-makers strategic intelligence on current and likely future threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from across Google’s intelligence and security teams.

This report reveals the latest application security trends, how organizations protect critical applications, and what tools and best practices cybersecurity professionals prioritize to find, fix and prevent vulnerabilities in next-gen applications.

This report is based on the results of a comprehensive online global survey of 386 cybersecurity professionals, conducted in July 2022, to gain deep insight into the latest trends, key challenges, and solutions for application security. The respondents range from technical executives to managers and IT security practitioners, representing a balancing cross-section of organizations of varying sizes across multiple industries.