Omdia conducted a comprehensive comparative analysis of the output of 11 organizations that disclose information security vulnerabilities. The data collected for this report stems from multiple courses, including the following: primary internal research, individual vendor interviews, open course publications and publicly disclosed reports. (more available)

As organizations adopt modern software development processes leveraging cloud platforms, they are looking to incorporate security processes and controls into their software development lifestyle (SDLC) processes. (more available)

We wanted to gain insights into the experience of security teams who are at the helm of their organization’s detection and response operations and uncover more about what they experience each day. (more available)

Palo Alto Networks surveyed 3,000 cloud security and DevOps professionals from around the world to gain insight into organizations’ cloud adoption strategies, budgets, experiences, and future plans. (more available)

This report incorporates not only the malware zoo, but new analysis for what is being detected in the wild. Also added: statistics detailing the top MITRE ATT&CK techniques observed in Q4 2020 from Criminal/APT groups. (more available)

An insurance oriented treatment on key trends impacting cyber insurance, based upon meta-analysis from several sources, including Advisen, McKinsey, Sophos and others. (more available)

Do exploit code releases help or harm defenders? We decided to put this hotly contested debate to the test. The seventh volume of the Prioritization to Prediction series produced in conjunction with the Cyentia Institute attacks this debate from all angles. (more available)

This report aims to capture hard data on the experiences of stakeholders who are impacted by IAM processes and technologies, and the impact of current IAM practices on security risks and business operations. (more available)

This report looks at the malware used by a group called Sunburst. It gives a detailed timeline of attacks, and the code used in them. (more available)

This sixth volume of the Prioritization to Prediction series combines vulnerability data from Kenna’s customers with additional intelligence from Fortinet and others. (more available)

This study explores data privacy challenges for organizations that are trying to maintain digital trust with their customers, along with the evolving privacy landscape and its impact on consumers. (more available)

A survey of 260 cyber insurance brokers and 190 cyber insurers, on the challenges and opportunities in the cyber insurance space. (more available)

This report looks at the 10 most impactful factors in cybersecurity success for the next decade.

A survey of 1,000 insurance professionals and risk managers from 56 countries on their beliefs on the impact of COVID-19 and cyber exposure. (more available)

The 2020 Intricately Cloud Security Market Report unpacks global cloud security trends surrounding the growth of application security.

This report explains the findings of a study the did, showing that seeking the exact technology to solve your newest, most pressing security concern may actually be multiplying security gaps that slow you down instead of simplifying your security environment. (more available)

A review of the cybersecurity job market in the UK, the nature and extent of skill gaps and shortages. A combination of surveys, qualitative research with firms, and a review of job postings. (more available)

This report sought to understand the health and security of Free and Open Source Software (FOSS) as it is today. It identifies the most commonly used free and open source software components in production applications, and examines them for potential vulnerabilities. (more available)

The third edition of Infosecurity Magazine’s annual report. A survey of 75 respondants with approximately 1/3 academic, 1/3 industry, and 1/3 investors. (more available)

A survey-based report from March 2020 on the impacts of staff shortages in the cybersecurity industry. A special focus on remote work and COVID-19 impacts. (more available)

This report from Cisco proves 10 cyber security myths false.