Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Boundary Defense

Below you will find reports with the tag of “Boundary Defense”

image from Exposed: Cyberattacks On Cloud Honeypots

Exposed: Cyberattacks On Cloud Honeypots

Contrary to popular belief, every device is worth hacking when the process is automated. It doesn’t matter who or where you are, if you own a company big or small, or have technology in the home – every device can be monetized by an enterprising criminal. Brute force login attempts are likely occurring on any online device. Yet the speed and scale of the problem can boggle the mind. Criminals are relentless and often competitive with one another to find, take over, and monetize your smart devices. The research you’ll find here, using honeypot devices across the internet, is a first step in attempting to quantify the issue.

(more available)
Added: April 19, 2019
image from Threat Detection Report

Threat Detection Report

An In Depth Look at the most prevalent ATT&CK techniques according to Red Canary’s historical detection dataset.

Added: March 26, 2019
image from The Deserialization Problem

The Deserialization Problem

The problem that occurs when applications deserialize data from untrusted sources is one of the most widespread security vulnerabilities to occur over the last couple years. This article will provide background on the deserialization vulnerability, describe the limitations of the existing mitigation techniques and explain why Waratek’s Compiler Based solution is ideal in solving this problem.

(more available)
Added: March 26, 2019
image from Prioritization To Prediction: Volume 3: Winning the Remediation Race

Prioritization To Prediction: Volume 3: Winning the Remediation Race

From the report, “The Prioritization to Prediction series is an ongoing research initiative between Kenna Security and the Cyentia Institute. The first volume proposed a model for predicting which of the numerous hardware and software vulnerabilities published each month were most likely to be exploited, and thus deserving of priority remediation. The second volume sought to apply and test that theoretical model using empirical data collected on billions of observed vulnerabilities. We ended the last report by analyzing vulnerability remediation timeframes across a sample of 12 firms. This third volume picks up where we left off and expands the analysis to roughly 300 organizations of different types and sizes. We leverage a technique called survival analysis to draw out important lessons about remediation velocity and capacity, concepts we explore and define during the course of this report. Overall, our goal is to understand what it means to survive—nay thrive—in the race of vulnerability remediation.” Read on to find out more.

(more available)
Added: March 16, 2019
image from Threat Report: Medical Devices

Threat Report: Medical Devices

This report takes a specific look back at connected medical device events that occurred in 2017.

Added: March 9, 2019
image from Will AI Change the Game for Cyber Security in 2018?

Will AI Change the Game for Cyber Security in 2018?

This report offers insight into the impact of AI from both the attackers, and the cybersecurity warriors.

Added: March 7, 2019
image from Hacker's Playbook 3rd Edition: Q4 2017

Hacker's Playbook 3rd Edition: Q4 2017

This third edition of the Hacker’s Playbook Findings Report continues in the tradition of reporting enterprise security trends from the point of view of an attacker. The findings represent anonymized data from many millions of SafeBreach breach methods executed within real production environments. This edition includes existing Hacker’s Playbook Findings Report data and new data from deployments between January 2017 and November 2017, with a combination of over 3,400 total breach methods and almost 11.5 million simulations completed. This report reflects which attacks are blocked, which are successful, and key trends and findings based on actual security controller effectiveness.

(more available)
Added: March 7, 2019
image from Holiday Shopping Season Threat Activity: 2018 Snapshot

Holiday Shopping Season Threat Activity: 2018 Snapshot

This brief but important report offers information into the events and data from the holiday shopping season of 2018.

Added: February 27, 2019
image from 2016 State of the Firewall Report

2016 State of the Firewall Report

FireMon is proud to present its 2nd Annual State of the Firewall Report based on a November 2015 survey of 600 IT security practitioners, representing a range of professional roles, organization sizes and industry verticals. Survey participants were asked 21 questions about their current firewall infrastructure and management challenges as well as questions about adoption and impact of emerging technologies such as NGFW, SDN and cloud. When compared with results from the 2015 study, the responses revealed three trends that this report will explore further: 1) Firewalls remain an extremely valuable part of the network security infrastructure; 2) Next-generation firewalls continue to see broad adoption, adding complexity to security management; and 3) Awareness around SDN and its impact on network security has increased.

(more available)
Added: February 18, 2019
image from The State Of Manual Reviews: 2018 Report

The State Of Manual Reviews: 2018 Report

The State of Manual Reviews: 2018 Report, brought to you by Kount and Paladin Group, provides survey results about manual review trends and best practices in the card-not-present (CNP) payments environment. It includes key performance indicators (KPIs) and demographic details related to participating merchants. In addition, participants in the survey shared insights about the tools, services, and solutions they employ for their manual review process.

(more available)
Added: February 16, 2019
image from Insider Hacks: How To Catch And Prosecute Fraudsters

Insider Hacks: How To Catch And Prosecute Fraudsters

From the report, “Partnering with retailers for over a decade to detect and prevent online fraud has unearthed many insights about eCommerce criminals. One insight is that while detecting and preventing fraudster attacks is good, it is even better to catch and prosecute. But gathering evidence and building a case can be complex. Kount asked Skip Myers and Chad Evans to share best practices and firsthand success stories with building, submitting cases and engaging with law enforcement to not only catch fraudsters, but to bring them to justice.”

(more available)
Added: February 16, 2019
image from The State of CNP False Positives: 2018 Report

The State of CNP False Positives: 2018 Report

Kount and The Fraud Practice designed the State of CNP False Positives survey because false positives are one of the least, if not the least, understood aspects of risk management. While merchants tend to focus directly on chargebacks and fraud losses, false positives are another major source of lost revenue but are often underestimated if not ignored altogether.

(more available)
Added: February 16, 2019
image from Global Fraud Attack Index: Second Quarter 2016

Global Fraud Attack Index: Second Quarter 2016

Forter and PYMNTS.com partnered together to track, analyze and report on the important trends happening in the world of fraud as it relates to payments and commerce online. Every quarter we will monitor how fraud attempts, reflected as a percent of U.S. sales transactions, on U.S. merchant websites are trending. Up? Down? Stable? Time to panic? Hopefully not.

(more available)
Added: February 13, 2019
image from Profile of A Fraudster

Profile of A Fraudster

This report offers insight into 6 different fraud profiles in the online world.

Added: February 13, 2019
image from Reducing Phishing Risk In The SOC

Reducing Phishing Risk In The SOC

This whitepaper is intended to help firms understand how security automation can accelerate analyst response time to incoming phishing alerts and minimize the impact of these malicious attacks on their environment.

(more available)
Added: February 12, 2019
image from Industry Cyber-Exposure Report: Fortune 500

Industry Cyber-Exposure Report: Fortune 500

From the report, “To understand current levels of exposure and resiliency, Rapid7 Labs measured 4532 of the 2017 Fortune 500 List3 for: • Overall attack surface (the number of exposed servers/devices); • Presence of dangerous or insecure services; • Phishing defense posture; • Evidence of system compromise; • Weak public service and metadata configurations; and • Joint third-party website dependency risks.” Read on to find out more.

(more available)
Added: February 9, 2019
image from National Exposure Index 2018

National Exposure Index 2018

In 2016, Rapid7 Labs launched the National Exposure Index in order to get a measurable, quantitative answer to a fairly fundamental question: What is the nature of internet exposure—services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet—and where, physically, are these exposed services located? Now in our third year, we continue this ongoing investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the continuing changes involving these exposed services. We’ve also added a third dimension for exposure, “amplification potential,” in the wake of the disastrous memcached exposure uncovered in 2018.

(more available)
Added: February 9, 2019
image from Defeat Evasive Malware

Defeat Evasive Malware

In this whitepaper, they look at three categories of approaches taken by malware to evade sandboxes and explore techniques associated with each approach.

(more available)
Added: February 7, 2019
image from Kovter the Click-Fraud Fileless Malware

Kovter the Click-Fraud Fileless Malware

This report includes detailed technical information discovered during our analysis of the forensics artifacts collected from the affected systems by the AIR Module. The report provides detailed information about the key processes used by AIR to review the malicious activity and detect the infection quickly. We also break down the encoding techniques, the registry operation, and the protection and communication mechanisms used by Kovter.

(more available)
Added: February 6, 2019
image from Is Your Endpoint Security Strategy Too Negative?

Is Your Endpoint Security Strategy Too Negative?

From the report, “An OS-Centric Positive Security isn’t a silver bullet, but it can be a tremendously valuable and complementary defense mechanism—your second or last line of defense. The majority of endpoint security solutions deployed today are based on the Negative Security model; so, it’s time to add a Positive Security solution to strengthen your endpoint protection.” Read on to find out more.

(more available)
Added: February 6, 2019
image from The Anatomy of an Attack Surface: Five Ways Hackers are Cashing In

The Anatomy of an Attack Surface: Five Ways Hackers are Cashing In

From the report, “For security teams, the sheer depth and breadth of what they need to defend may seem daunting, but thinking about the Internet from an attacker’s perspective —a collection of digital assets that are discoverable by hackers as they research their next campaigns— can put the massive scope of their organization’s attack surface into perspective. In this report, we’ll highlight five areas that we feel help to better frame the challenges faced in keeping the Internet a safe environment, all of which underline a need to broaden awareness of the potential risks involved to foster a more informed approach to cyber defense.”

(more available)
Added: February 6, 2019
  • ««
  • «
  • 2
  • 3
  • 4
  • 5
  • 6
  • »
  • »»
© Cyentia Institute 2025
Library updated: June 21, 2025 04:08 UTC (build b1d7be4)