Cyentia Cybersecurity Research Library

Application Security

Below you will find reports with the tag of “Application Security”

International Anti-Botnet Guide 2018

From the report, “While the developers of this Guide strongly support the important role that governments play in convening a diverse ecosystem, the imposition of prescriptive, compliance-focused regulatory requirements will inhibit the security innovation that is key to staying ahead of today’s sophisticated threats. Moreover, earlier policy efforts were based on utopian solutions to these threats, premised on the notions that internet service providers (ISPs) can simply shut down all botnets, or that manufacturers can make all devices universally secure. Instead, dynamic, flexible solutions that are informed by voluntary consensus standards, driven by market demands, and implemented by stakeholders throughout the global digital economy, are the better answer to these evolving systemic challenges.”

Added: December 4, 2018

NotPetya: One Year Later

“Almost immediately following the WannaCry cyberattack, the NotPetya malware affected countries and organisations around the globe that had strikingly similar repercussions and lessons to take away. This attack exemplified the chronic failings organisations and nation-states continue to have despite the blatant and ongoing threats cyberspace poses. With cyber threats remaining a critical issue for organisations, there is still a great deal organisations need to do to mitigate these for future resilience.”

Added: November 29, 2018

Cloud Native Security Report: Watching The Honeypots

This report is the first in a bi-annual series that examines risks and attacks in the cloud native computing ecosystem. The next report will be released in the first half of 2019.

Added: November 20, 2018

State of Cybersecurity Report 2018

The first edition of the “State of Cybersecurity report” was well received by customers, industry analysts and cybersecurity professionals. The 2018 edition of the Report maintains the same unique structure to build on the first edition’s ethos and bring in new viewpoints and findings. The rest of this section is reproduced from last year’s report for the benefit of first-time readers.

Added: November 20, 2018

Now Tech: Container Security, Q4 2018

You can use container security tools to secure critical applications, speed development efforts, and tamperproof your containers. But to access these benefits, you’ll first have to select from a diverse set of vendors — vendors that vary by size, functionality, geography, and vertical market focus. Security pros should use Forrester’s Now Tech report to understand the value they can expect from a container security provider and select vendors based on size and functionality.

Added: November 20, 2018

Turla group using Neuron and Nautilus tools alongside Snake malware

This report provides new intelligence by the NCSC on two tools used by the Turla group to target the UK. It contains IOCs and signatures for detection by network defenders.

Added: November 15, 2018

Cybersecurity Realities and Priorities for 2018 and Beyond

In late 2017 and early 2018, the Enterprise Strategy Group (ESG) completed a research survey of 413 IT and cybersecurity professionals with knowledge of, or responsibility for, the planning, implementation, and/or operations of their organization’s security policies, processes, or technical safeguards. Survey respondents were in the United States, U.K., and Australia and worked at enterprise organizations (i.e., more than 1,000 employees). Respondents represented numerous industry and government segments, with the largest participation coming from financial services (i.e., banking, securities, insurance, 18%), manufacturing (16%), retail/wholesale (13%), health care (12%), and information technology (10%).

Added: November 6, 2018

Independent Study Pinpoints Significant SCADA/ICS Cybersecurity Risks

“Many businesses and government agencies have embraced supervisory control and data acquisition (SCADA) systems or industrial control systems (ICS) in recent years, but the technologies face major security challenges. Nearly 6 in 10 organizations using SCADA or ICS that were surveyed by Forrester Consulting in a study commissioned by Fortinet indicate they experienced a breach in those systems in the past year—and many of those organizations are adding to their risk by allowing technology and other partners a high level of access into their systems. Most organizations also report connections between their traditional IT systems and their SCADA/ICS, introducing the potential for outside hackers to penetrate these control systems.”

Added: November 4, 2018

State Of Software Security Volume 9

“For a long time now, SOSS has provided a reliable yardstick for the most common vulnerabilities found in software, as well as how organizations are measuring up to security industry benchmarks throughout the software development lifecycle (SDLC). One thing we’ve always wanted to understand better, though, is how quickly these organizations are actually fixing flaws once they’ve been identified in application security scans. This year, we turned our data analysis up a notch by working with the data scientists at Cyentia Institute, so that we could gain better visibility into the factors that go into fixing flaws. Readers will find valuable insight on how factors like flaw severity, business criticality of applications, and exploitability of the flaws change the rate at which certain vulnerabilities are fixed.”

Added: November 4, 2018

2016 Vulnerability Statistics Report

This document discusses the vulnerabilities discovered by edgescan™ over the past year – 2016. The vulnerabilities discovered are a result of providing “Fullstack” continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises, from Telecoms & Media companies to Software Development, Gaming, Energy and Medical organisations. The statistics are based on the continuous security assessment & management of over 57,000 systems distributed globally.

Added: October 26, 2018

A SaaS Provider Survival Guide

This report covers performance, security, and encryption essentials for online applications.

Added: October 26, 2018

A Survival Guide To Using GPL

This white paper discusses the principles of the GNU Public License (GPL), the risks of using GPL-licensed code, and how GPL code may be used in proprietary products while minimizing legal compliance issues.

Added: October 26, 2018

An Attack Pathway Into Your Organization? There's An App For That

Recommendations for securing and managing privileged credentials used by enterprise applications

Added: October 26, 2018

Quarterly Threat Report Q2 2018

This Quarterly report continues Rapid7’s excellent work of providing insight to the threats they have witnessed during the 2nd Quarter of 2018.

Added: October 26, 2018

2015 Vulnerability Statistics Report

This document discusses the vulnerabilities discovered by edgescan™ over the past year – 2015. The vulnerabilities discovered are a result of providing continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises; Telecoms & Media, Software Development, Gaming, Energy and Medical organizations.

Added: October 25, 2018

2018 Application Protection Report

In this report, they examine that series of interacting tiers—application services, application access, Transport Layer Security (TLS), domain name services (DNS), and the network—because each one is a potential target of attack.

Added: October 25, 2018

2018 Global Study On Application Security

Ponemon Institute is pleased to present the findings of the 2018 Global Study on The State Application Security sponsored by Arxan Technologies. We surveyed 1,399 IT and IT security practitioners in the United States, European Union and Asia-Pacific to understand the risk unprotected applications pose to businesses when running in unsecured environments and how they are addressing this risk in practice.

Added: October 25, 2018

7 Bug Bounty Myths Busted

This report answers some questions about Bug Bounty organizations.

Added: October 25, 2018

How To Instrument For Advanced Web Application Penetration Testing

This technical white paper describes a new approach to identifying your most critical web application vulnerabilities faster and at lower cost.

Added: October 25, 2018

FDA Should Further Integrate Its Review of Cybersecurity Into the Premarket Review Process for Medical Devices

This report from the U.S. Department of Health And Human Services offers insight into how the FDA has taken steps to address emerging cybersecurity concerns in networked medical devices by issuing guidance, reviewing cybersecurity information in submissions, and—when needed—obtaining additional information from manufacturers. It also discusses how the FDA could take additional steps to more fully integrate cybersecurity into its premarket review process.

Added: October 24, 2018

Healthcare And Life Sciences: Closing The SaaS Security Gap

This paper seeks to help improve the IT situation in the Healthcare industry.

Added: October 24, 2018
© Cyentia Institute 2025
Library updated: July 1, 2025 20:08 UTC (build b1d7be4)