Application Programming Interfaces (APIs) have emerged as useful tools that streamline business operations and enhance the digital experience for customers. As their use has proliferated, however, the importance of properly securing APIs is also becoming increasingly evident. API-related hacks and data breaches have impacted companies across nearly all sectors and geographies, resulting in skyrocketing remediation and legal costs for companies.

In this data-driven report, based on our scanning of over 200,000 cloud accounts, including more than 30% of the Fortune 100 environments, we analyze the latest industry trends and developments, presenting a factual and data-based assessment of the current state and progression of cloud technology. We examine how the cloud has evolved over the past year and attempt to shed light on some of the complexity of cloud environments, including aspects such as organizational usage of multi-cloud and both managed and non-managed services.

In the two years since our inaugural State of Observability report, we’ve seen the number of organizations getting started with observability rise substantially, and a whopping 87% of respondents now employ specialists who work exclusively on observability projects. There are plenty of good reasons so many businesses are jumping on the observability bandwagon. We surveyed 1,750 observability practitioners, managers and experts to examine that state of observability - from the success of today to the ambitions of tomorrow.

In this edition, we again focus on concentration of malicious activity by the same six categories we studied in the last edition in the Fall of 2021. We expect that some criteria will remain relevant over the foreseeable future; that is, as datapoints related to domain names, there are unlikely to become less forensically-valuable unless that internets fundamental structure changes. Other datapoints may wax and wane in relevance.

In this white paper, you’ll learn how to combat unwanted privilege escalation by reverse engineering the tactics that cybercriminals use. By seeing the world through the eyes of a hacker you’ll be able to identity the red flags of privileged-account attacks. And, you’ll know which techniques and tools to use to mitigate them.

Our annual survey is an opportunity to see where teams are succeeding with DevSecOps and where they might be struggling. Second, by capturing trends and movement in this market, we hope to give software development teams — from individual contributors to executives — insight into how to get the most out of their DevSecOps investments. This year’s survey respondents offered their views against the backdrop of a growing set of macroeconomic influences.

In our bi-annual AppSec Indicator report, we uncover insights and trends to guide best practices in vulnerability identification and remediation. For this year’s Spring edition of the Invicti AppSec Indicator, we analyzed data from 1.7 million scans conducted by the 1,700 customers that use our cloud dynamic application security testing (DAST) offering, representing approximately half of our entire customer base.

This report is based on our research and experience from the past year in securing enterprise cloud environments. We chose to focus on novel, notable, and high-impact risks that we believe you should be familiar with and include in your cloud security strategy for 2022.

This report aims to demonstrate the state of full stack security based on thousands of full stack assessments globally, delivered by the Edgescan SaaS during 2019. This report is still a joy to do as it gives decent insight into what’s going on from a trends and statistics perspective and overall state of cyber security. This report provides a glimpse of a global snapshot across dozens of industry verticals how to prioritize on what is important, as not all vulnerabilities are equal.

In this report, we highlight which industries and countries have the most robust cyber postures and which are lagging, as well as the most prevalent vulnerabilities. We also examine the scores across different industries, countries, and company sizes and provide recommendations and best practices on how to achieve a better cyber posture. This report is based on data gathered over two years of cyber assessments, spanning 15 countries and nearly a dozen industries. Each assessment includes an evaluation of the organization across seven different security domains, with a total of 312 data points.

This report will serve as a valuable resource for developers, security professionals, and decisions-makers committed to ensuring the security and integrity of their applications and data. We have never detected as many secrets and secrets sprawl has been accelerating yearly since 2020. Hard-coded secrets increased by 67% compared to 2021, whereas the volume of scanned commits rose by 20% (860M to 1.027B commits between 2021 and 2022).

In this report, sponsored by F5 Labs, we take a step back and examine the universe of vulnerabilities (defined by the CVE) and how it’s changed in the last 20 years. As you will see, we will find some surprising things along the way.

The goal of this report is to share our knowledge about the most commonly used attack techniques and their use cases, so that security teams can adopt a more threat- centric approach and prioritize threat prevention, detection, and response efforts.

In this report, we update the research summarized in the Capstone Report with current job opening data to compare the civilian cybersecurity and IT workforces with those in the U.S. government and the private sector. We also extend the DoD-private industry comparison research summarized in the Capstone Report by further examining the proportion of workers across a common taxonomy of cyber work roles, salaries paid across work roles, and demand for these jobs. Thus, this report both updates and expands upon the research presented in the Capstone Report.

By the end of 2022, 5G subscriptions are expected to reach 1 billion, and more smart 5G devices with additional capabilities are expected in the market during 2023. Our outlook for 2028 is that 5G subscriptions will pass 5 billion and Fixed Wireless Access (FWA) connections will reach 200 million, where 5G will account for almost 80 percent of FWA connections.

This report includes insights on internet security, cyber risk, and security trends that organizations have face over the last year and what they need to prepare for in 2023. We’re sharing the critical information and our insights to help decision-makers in the information security community and insurtech sectors better understand the cyber risk landscape. Coalition’s data set includes internet scans of 5.2 billion IP addresses-an impressive number that comprises the entire IPv4 address space and relevant IPv6 addresses.

The Trends in Identity Report that looks at the wide range of identity crimes committed against individuals as reported by the victims of those crimes. You’ll learn first-hand of the identity scams we see and how criminals convince people to willingly share information they know should be protected.

The past year, the VOID grew from 2,000 to nearly 10,000 incident reports from close to 600 organizations. We rigorously collect the same metadata, along with a new value: severity. This enabled us to investigate whether there is a relationship between the reported length of the incident and the impact (or severity) of the incident.

In this report, data reveals that on average, in 2021, a typical company with 400 developers would discover 1,050 unique secrets leaked upon scanning its repositories and commits. With each secret detected in 13 different places on average, the amount of work required for remediation far exceeds current AppSec capabilities: with a security-to-developers ratio of 1:100.

This report, Keeper’s second annual U.S. Cybersecurity Census, maps the transforming landscape of cybersecurity based on these expert insights. It provides leaders with a forensic assessment of the threats their businesses face, and details the urgent strategies necessary to overcome them.

In this edition, we look at the attacks and trends in the gaming industry during 2020. It was a volatile year, and we’re not just speaking about the pandemic. Web attacks targeting the gaming industry were up 340% year over year between 2019 and 2020, and credentials stuffing attacks were up 224%. Strangely enough, DDoS attacks against the gaming industry fell by nearly 20% during the same period.