The 2022 A10 Networks DDoS Threat Report provides insights into DDoS activity during the past six months including origins of activity; the growth of DDoS weapons and botnets; the role of malware in the propagation of DDoS weapons and attacks; and the steps organizations can take to protect against such activities.

In Q4 2019 an unprecedented concentration of DDoS attacks on US networks was observed, with more than 1,000 victims identified in various states. Whether motivated by politics, profiteering, crime or other malicious purposes, attacks were frequent and impactful.

In this report, the analysis conducted by our research team identifies vulnerabilities and measures attack trends worldwide to provide a comprehensive view of DDoS threats. Nexusguard is able to evaluate DDoS events in a manner that is not biased by any single set of customer or industries. Many zero-day threats are first seen on our global research network.

This report is based on data collected from the Imperva global network throughout 2021. The data is composed of hundreds of billions of blocked data bot requests, anonymized over thousands of domains. The goal os this report is to provide meaningful information and guidance about the nature and impact of these automates threats.

Censys maintains the most comprehensive view of assets on the Internet by continuously scanning the public IPv4 address space across the 3,500 most popular ports. This Internet-wide scan data also powers our Attack Surface Management (ASM) product, which comprehensively maps organizations’ Internet exposure. This data allows us to understand broader trends in Internet security and how organizations are exposed across the Internet.

This study leverages a vast dataset spanning over 77,000 cyber events experienced by 35,000 organizations over the last decade. This dataset is drawn from Advisen’s Cyber Loss Data, which contains over 138,000 cyber events collected from publicly verifiable sources.

In this report, data reveals that on average, in 2021, a typical company with 400 developers would discover 1,050 unique secrets leaked upon scanning its repositories and commits. With each secret detected in 13 different places on average, the amount of work required for remediation far exceeds current AppSec capabilities: with a security-to-developers ratio of 1:100.

This report is based on cybercrime attacks detected by the Digital Identity Network from July-December 2021, during near real-time analysis of consumer interactions across the customer journey, from new account creations, logins, payments and other non-core transactions such as password resets and transfers.

As companies embrace cloud native technologies as part of their digital transformation, security is seen as a key factor to building successful platforms. While only 36% of respondents stated that security was one of the main reasons for moving their production applications into containers, 99% of respondents recognize that security as an important element in their cloud native strategy.

The Zscaler Zero Trust Exchange houses the largest security data set in the world, collected from over 300 trillion signals and 160 billion daily transactions - more than 15x the volume of Google searches each day. Zscaler’s ThreatLabz threat research team analyzed this data from the last nine months of 2021, assessing threats in encrypted traffic over the span.

Omdia conducted a comprehensive comparative analysis of the output of 11 organizations that disclose information security vulnerabilities. The data collected for this report stems from multiple courses, including the following: primary internal research, individual vendor interviews, open course publications and publicly disclosed reports.

This report includes incidents that occurred during 2015-2019. A total of 3,547 claims were analyzed, and data was distilled into over 100 categories. To compare, the fifth Cyber Claims Study, published in 2015, analyzed 207 cyber insurance claims. While many of the categories over the last five years have remained the same, the data has changed, sometimes dramatically.

This study, based on over 2,000 cyber claims, provides a comprehensive view of recent cyber claim events. The 2019 report also included data from NetDiligence studies published in 2015-2018, representing 1,008 events that occurred in 2014 to 2017. After the elimination claims that were less than $1,000, the combined dataset included 2,081 events, each one a data breach insurance claim.

For this report, Snyk surveyed more than 400 cloud engineering and security professionals to better understand the cloud risks and challenges they face, and how they’re successfully improving their cloud security efforts.

In this edition, we look at the attacks and trends in the gaming industry during 2020. It was a volatile year, and we’re not just speaking about the pandemic. Web attacks targeting the gaming industry were up 340% year over year between 2019 and 2020, and credentials stuffing attacks were up 224%. Strangely enough, DDoS attacks against the gaming industry fell by nearly 20% during the same period.

In this report, Bulletproof looks back on a fascinating year in the world of cyber security and compliance, with a keen eye on emerging patterns for what to expect in 2022 and beyond. Assessing data from our SIEM platform, honeypots, penetration testing and compliance services gives us a great insight into new cyber security threats and the state of cyber defenses across various industries.

Mimecast’s State of Email Security 2022 (SOES) study sheds light on the gains in cyber resilience that many companies are making, even as it reveals shortfalls and places where there is considerable room for improvement.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats to help organizations protect their systems. During May and June, CTU researchers identified the following noteworthy issues and changes in the global threat landscape: government-sponsored threat groups use ransomeware to, don’t leave the door to your data unlocked, and business email compromise (BEC) is as big a problem as ransomeware.

The State of XIoT Security report is Claroty’s contextual analysis of cyber-physical security. The data presented in this edition of the report covers the first six months of 2022, and sheds light on the key trends and recommended actions you can apply within your enterprise.

The year’s Global Economic Crime and Fraud Survey enquired about organizations’ attitudes towards fraud and financial and economic crime in the current environment and drew responses from 1,296 respondents in 53 countries and regions. This survey, our first snapshot of 2022, homed in on fraud trends and conduct risk.

This report shares insights from the XM Cyber Research team’s analysis of the Attack Path Management platform from January 1st, 2021 - December 31st, 2021. The Impact report begins with a close look at the methodology of attack paths and then reveals the impact of attack techniques used to compromise critical assets across organizations, whether hybrid, on-prem or multi-cloud.