Between February and March 2022, Prevalent conducted a study on current trends, challenges and initiatives impacting third-party risk management (TPRM) practitioners worldwide.

Through a comparison of 1,000 enterprise organizations surveyed worldwide and real-world cloud use, this report uncovers the rise of Cloud-Native Breaches, disconnect between security practitioners and their leadership, and the state of multicloud adoption. Recommendations are given to defend against the new wave of Cloud-Native Breaches unique to Infrastructure-as-a-Service (IaaS) environments.

The report evaluates the responses of 465 global IT professionals who manage, advise, and participate in ITAM, SAM, and HAM activities in organizations of 1,000 or more employees. The insights gleaned from these responses provide vision into the strategic initiatives across these ITAM practices and practitioners.

In the face of non-stop cyber attacks affecting all firms large and small, the market has matured and skills levels have improved across the board. Importantly, insurers are paying back, but dynamics are changing and increasingly insurers are also demanding evidence of cyber robustness from their clients. The market is fast becoming less and less favorable to negligent buyers looking for silver bullets.

Over 5,100 IT and security professionals across 27 countries were asked about their organizations’ approaches to updating and integrating security architecture, detecting and responding to threats, and staying resilient when disaster strikes. They shared a wide range of insights, struggles, strategies, and successes. Responses were analyzed in multiple ways and key findings were extracted.

A survey driven analysis of 500 security leaders from firms with 700 or more employees and revenues of $500 million or more.

Part 2 of The Cloud Impact Study looks at the importance of security as a significant driver for cloud transformation, as well as how security and data protection concerns present a challenge that acts as the primary barrier to cloud transformation. This report explores how cloud computing can bolster the overall security of an organization, but as deployments become more complicated, so too does data governance and security.

This whitepaper explains a new vulnerability in Windows Server that is highly exploitable.

This report is based off an August 2020 survey, in order to better understand how companies should allocate finite resources, how decisions on cybersecurity are made, and more.

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management. This is a US specific version of the main report.

This report is based of a survey done in December 2019. It discusses changes they hope to make in tech conferences.

The initial global cybersecurity index report. Using a survey based approach, this report attempts to create a global index for the state of cybersecurity and establish country specific wellness profiles.

The 2020 OSSRA includes insights and recommendations to help security, risk, legal, and development teams better understand the open source security and license risk landscape.

A review of community members opinions on their prioritization for identity access management systems, the challenges implementing these solutions, and the desired capabilities when selecting IAM technologies.

The third annual report from Hacker One on the state of the hacker/security testing community. Data is drawn from Hacker One’s community of bug bounty registrants and subscribing platforms.

Lares encounters a seemingly endless number of vulnerabilities and attack vectors when we conducta penetration test or red team engagement, regardless of organization size or maturity. Though notevery engagement is identical, we have analyzed the similarities between hundreds of engagementsthroughout 2019 and the following list represents the most frequently observed penetration test findings we encountered.

For the fourth time, White Ops and the ANA have partnered to measure bot fraud in the digital advertising ecosystem. Previous studies measured bot fraud in the digital advertising ecosystem in August/September 2014, August/September 2015, and November/December 2016. This one studies November/December 2019.

This report outlines the state of open source security, including open source adoption, known vulnerabilities, and vulnerability identification.

In this fourth edition of BeyondTrust’s annual Privileged Access Threat Report, we’ll be exploring the 2019 threat landscape in detail, with a focus on how security decision makers are utilizing Privileged Access Management (PAM) solutions to mitigate these risks.

A report by DZone showing trends in the changing AppSec industry.

From the report, “The challenges facing security teams are, perhaps unfortunately, common knowledge by now. A constant rise in alert volume, a stark security skills gap, piecemeal processes, and siloed tools have made security operations a tough place to be. In 2018, Demisto commissioned a large study to delve deeper into these issues, their manifestations, and possible solutions. The 2019 report broadens the perspective from Security Orchestration, Automation, and Response (SOAR) to the security incident response lifecycle. Demisto commissioned a study with 552 respondents to find out specific challenges at each stage of the incident response lifecycle, how current product capabilities help overcome these challenges, and what capabilities are missing within security products today.”