In this report, you will find details about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries. (more available)

The goal of the SANS 2021 Cloud Security Survey is to provide additional insights into how organizations are using the cloud today, the threats security teams are facing in the cloud, and what they’re doing to improve security posture in the cloud. (more available)

In this report, you will find further detail about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries. (more available)

Weak passwords abound, and ATO is interrupting services critical to every aspect of online life: working, streaming, ordering, paying, and just plain connecting. (more available)

These findings are based on the data we gather front the billions of containers that our customers run over the course of a year. (more available)

The State of Pentesting 2022 Report focuses on issues and stats that are relevant to both security and development teams: to separate these two inextricably linked groups would only yield a partial picture of the security landscape. (more available)

This report will give a snapshot of 2020’s mobile threat landscape and dive into emerging trends we anticipate carrying into 2021. (more available)

Through a comparison of 1,000 enterprise organizations surveyed worldwide and real-world cloud use, this report uncovers the rise of Cloud-Native Breaches, disconnect between security practitioners and their leadership, and the state of multicloud adoption. (more available)

The report evaluates the responses of 465 global IT professionals who manage, advise, and participate in ITAM, SAM, and HAM activities in organizations of 1,000 or more employees. (more available)

This report looks at the entire history of active applications, not just the activity associated with the application over one year. (more available)

A review of domain registration, hosting, and content-related data on attack patterns and trends.

A survey of recent breaches occurring over the past year as identified and classified via AuditAnalytic’s commercial database of breach information. (more available)

A continued look at “ripple events” - multi-party security events - examining the size and frequency of these events, firmographics, as well as the velocity of spread of such events. (more available)

This annual report covers data from 1,602 penetration tests conducted in 2020 as well as survey information from 601 firms in the pursuit of understanding secure development, vulnerability remediation, and opportunities for process improvements. (more available)

Get best practices on managing your open source libraries in our State of Software Security v11: Open Source Edition report. Based on 13 million scans of more than 86,000 repositories, SOSS v11: Open Source Edition gives you a unique perspective on the open source libraries in codebases today, how organizations are managing the security of these libraries, and best practices on using open source code securely. (more available)

This report looks at data breach events in 2020. It then compares key aspects and trends of these breaches to data breaches in previous years. (more available)

This report covers vulnerabilities disclosed this year. It aims to help the reader navigate the current vulnerability landscape. It provides valuable insight into vulnerability trends and how they are impacting organizations. (more available)

A review of the threat volume and characteristics affecting e-commerce.

This report examines publicly disclosed data breach events, and describes trends and key changes for Q3 2020.

The 2020 edition of this annual report uses results of software scan patterns and results across thousands of global customers. A focus for this edition is the effects of nature (the corporate environment of applications) vs. (more available)

This edition of the State of the Internet (SOTI)/Security report series focuses on the retail and hospitality sectors. An extensive review of how credential abuse attacks are carried out from both a methodology perspective and a volumetric angle is given. (more available)