The 2022 State of Security Posture Report reveals that cybersecurity teams are struggling to measure and improve their security posture as their organizations move to the cloud and as their leadership increasingly expects them to measure cyber risk in monetary terms due to the rise of ransomware and the general impact of cyber attacks to business. (more available)

The 2022 Vulnerability Management Report is based on a comprehensive survey of over 390 cybersecurity professionals in September 2022 to gain insights into the latest trends, key challenges and solutions preferences for vulnerability management. (more available)

The 2022 State of Security Posture Report reveals that cybersecurity teams are struggling to measure and improve their security posture as their organizations move to the cloud and as their leadership increasingly expects them to measure cyber risk in monetary terms due to the rise of ransomware and the general impact of cyber attacks to business. (more available)

In this report, the findings show that in order to resolve the attack surface management challenges facing organizations, IT and security teams need to invest in solutions that automate and centralize monitoring of internet-facing assets and provide greater insights into vulnerabilities. (more available)

This report dives into major security challenges, while also providing guidance for how enterprises can close the gap between what attackers see and what defenders think they’re protecting. (more available)

In our first State of the Cybersecurity Attack Surface report, we look at this issue, with data from visibility into more than 500,000 IT assets. (more available)

The 2022 Attack Surface Management Maturity Report has been produced by Cybersecurity Insiders, the 500,000 member online community of information security professionals, to explore the current state, exposures, and priorities that organizations need to consider to fortify their security posture. (more available)

Based on a survey of over 4,800, this report reviews the practices that lead to positive outcomes for security programs. Linking together practices that are more (or less) successful to the characteristics of positive outcomes, this report aims to give guidance for where practitioners can focus their efforts to achieve similar outcomes. (more available)

The annual report on the composition and findings of security testing as powered by BugCrowd’s bug bounty platform of nearly 3,500 security testers. (more available)

In this report, we will address the aforementioned questions using data that Forescout Technologies has carefully gathered, tested and validated from all forms of device networks and the applications they support. (more available)

P2P Volume 5 focuses on the differences between asset types (OS) and how vulnerabilities are treated on different platforms.

Risk Based Security has been sharing our Vulnerability QuickView reports with the world, providing detailed analysis on the vulnerability landscape based on data from our vulnerability intelligence product, VulnDB . (more available)

From the report, “After working with hundreds of security professionals and covering over 1 million assets at some of the world’s most innovative brands, the team at Axonius has identified 5 things that security teams discover when they automate cybersecurity asset management. (more available)

This study was designed to examine the growing concern of cyber risks and the importance of cyber assessment during mergers and acquisitions (M&A) and determine how well companies are prepared to deal with cyber risk during M&A from the perspective of IT Decision Makers (ITDMs) and Business Decision Makers (BDMs). (more available)

The essays in this eBook provide a wealth of information and present an inside look at an aspect of cybersecurity that is still not well understood. (more available)

This report takes an inside look at Industrial Control Systems and the need for them to be updated for the new Cyber Security Threats. (more available)

This report has been produced in partnership with the 400,000 member Cybersecurity Insiders community of IT security professionals to explore how AWS user organizations are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud. (more available)

From the report, “Much like DevOps itself, pervasive automation is equal parts process, tooling, and culture. Taking the journey represents a collective commitment by the entire organization, one where the goal is realizing the competitive advantage offered by software automation. (more available)

This paper provides a checklist to address CIS Critical Security Controls.

This paper navigates decision-makers through the issues surrounding a specific technology or business case, explores the business value of adoption, and recommends the range of considerations and concrete next steps in the decision-making process. (more available)

This report is based on a survey, that is intended to provide a community perspective on what security operations centers (SOCs) look like within organizations across the globe, as well as data and guidance to enable organizations to build, manage, maintain and mature effective and efficient SOCs. (more available)