This report investigates the ways in which organizations can support engineering productivity through initiatives such as supporting information search, more usable deployment toolchains, and reducing technical debt through flexible architecture, code maintainability, and viewable systems.

A survey of over 300 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

Most blogs or papers about crypto-ransomware typically focus on the threat’s delivery, encryption algorithms and communication, with associated indicators of compromise (IOCs). This research paper takes a different approach: an analysis of the file system activity or behaviors of prominent crypto-ransomware families (hereafter, simply called ransomware).

The goal of this initiative was to identify trends impacting cyber security decisions, the top cyber security priorities for 2020 and beyond, the focus of risk mitigation strategies, and to highlight the overall beliefs and perceptions held by senior executives regarding the state of the cyber threat landscape and how the cyber security industry, governments and regulatory agencies are responding to their needs.

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019.

The PSR has the unique role of measuring the strengths and weaknesses of the PCI DSS and tracking the sustainability of compliance. It also measures and tracks challenges associated with implementing and maintaining security controls required for PCI DSS compliance.

This publication from Fortinet looks at how the threat landscape has changed in the third quarter of 2018 by doing data-driven analysis with some noteworthy events pulled from Q3 2018 headlines.

This 2019 edition of the SANS Security Operations Center (SOC) Survey was designed to provide objective data to security leaders and practitioners who are looking to establish a SOC or optimize their existing SOCs. The goal is to capture common and best practices, provide defendable metrics that can be used to justify SOC resources to management, and to highlight key areas on which SOC managers can focus to increase the effectiveness and efficiency of security operations.

The VIPR report (Verizon Incident Preparedness and Response Report) outlines preparations and responses to data breaches. This includes 6 phases, planning and preparation, detection and validation, containment and eradication, collection and analysis, remediation and recovery, and assessment and adjustment.

A survey based report on the attitudes and beliefs of security professionals to the challenges and opportunities in cloud security.

In this eBook, they’ll cover: • The Insider Threat investigation process with security solutions like Security Information and Event Management (SIEMs) • What an investigation looks like within ObserveIT, a dedicated insider threat management platform, including: – Proactive threat hunting – Reactive alert investigations after a known incident

From the report, “The challenges facing security teams are, perhaps unfortunately, common knowledge by now. A constant rise in alert volume, a stark security skills gap, piecemeal processes, and siloed tools have made security operations a tough place to be. In 2018, Demisto commissioned a large study to delve deeper into these issues, their manifestations, and possible solutions. The 2019 report broadens the perspective from Security Orchestration, Automation, and Response (SOAR) to the security incident response lifecycle. Demisto commissioned a study with 552 respondents to find out specific challenges at each stage of the incident response lifecycle, how current product capabilities help overcome these challenges, and what capabilities are missing within security products today.”

This research was commissioned by Kenna Security. Kenna collected and provided the remediation dataset to the Cyentia Institute for independent analysis and drafting of this report.

This is a summary of vulnerability trends observed and investigated by the eSentire Security Operations Center (SOC) in 1H 2019.

This paper uses a unique and MARVEL-ous approach to provide insight into maintaining a robust cybersecurity posture in today’s fast-paced world.

This report seeks to explore user knowledge of a broad range of best practices for cyber hygiene, security and compliance.

The Bromium Threat Insights Report is updated on a regular basis to track notable threats and the information gleaned from them.

This report focuses specifically on data threats in the healthcare industry.

This paper discusses the top five Cybersecurity Technology Buying Trends.

From the report, “After working with hundreds of security professionals and covering over 1 million assets at some of the world’s most innovative brands, the team at Axonius has identified 5 things that security teams discover when they automate cybersecurity asset management. In this short paper, we’ll review each of these findings, discuss their security implications, and show how automating asset management can both find and resolve these challenges.”

The 2019 Malware Report was produced by Cybersecurity Insiders and HelpSystems to reveal the latest malware security trends, challenges, and investment priorities.