The goal of this report is to help security professionals remain at the forefront of securing organizations, as its content is based on real-world techniques employed by attackers to target cloud-based environments. As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number – a collective effort to safeguard both large enterprises and small businesses alike is key.

In this report, we shed light on these vulnerabilities and how they impact commercial and federal organizations today. We provide insights from a survey of IT security and data science leaders navigating these challenges. We share predictions driven by data from HiddenLayer’s experiences securing AI in enterprise environments. Lastly, we reveal cutting-edge advancements in security controls for AI in all its forms.

COVID-19 has dramatically changed the workplace and has created new cybersecurity risks and exacerbated existing risks. The purpose of this research, sponsored by Keeper Security, is to understand the new challenges organizations face in preventing, detecting and containing cybersecurity attacks in what is often referred to as “the new normal”. All respondents in this research are in organizations that have furloughed or directed their employees to telework because of COVID-19.

The 2023 State of Web Application Security Report investigates the evolving security practices, tools, and technologies employed by organizations worldwide to enhance file upload security. 97% of survey participants reported using containers in environments that host web applications. Additionally, web applications that accept file uploads are increasingly being hosted on cloud-based platforms, including both Infrastructure as a Service (IaaS) and Software as a Service (SaaS) solutions

This report covers the threat landscape, as encountered by our sensors and analysts in the first half of 2023. General malware data presented in the report is gathered from January–May of this year, and reflects threats targeting endpoints that we observed in these months. The report represents a global outlook and is based on over 1,000,000 unique endpoints distributed around the world. Most of the statistics discussed focus on threats for Windows operating systems, as these are much more prevalent then those targeting macOS and Linux.

In 1H 2023, we observed significant activity among advanced persistent threat (APT) groups, a rise in ransomware frequency and complexity, increased botnet activity, a shift in MITRE ATT&CK techniques used by attackers, and more. As we examine activity in the first half of 2023, we see cybercrime organizations and nation-state cyber-offensive groups swiftly adopting new technologies. Notably, some of these actors operate much like traditional enterprises, complete with well-defined responsibilities, deliverables, and objectives.

This is the second annual survey of organizations who suffered cyberattacks with a key focus to compare the viewpoints of four different roles that are involved in cyber-preparedness and/ or mitigation: Security professionals, CISO or other IT executives, IT Operations generalists and backup administrators.

CompTIA’s 2022 State of Cybersecurity report examines the disconnect between root cause and symptoms. Digital transformation driven by cloud and mobile adoption is forcing a new strategic approach to cybersecurity, but fully adopting this new approach poses significant challenges, both tactically and financially. Although cybersecurity remains one of the most pressing issues for modern business, the hurdles that come from legacy views of IT and low understanding of the threat landscape make it difficult to follow the prescribed treatment.

The reported results are based on the anonymized aggregated data of simulated attack scenarios and campaigns performed with the Cymulate Platform across a global user base. Cymulate uses a proprietary scoring method based on known industry standards including the MITRE ATT&CK Framework, NIST Special Publication 800-50, and other benchmarks. The weighted averages used in this report compensate for the divergence in the relative usage of specific vectors.

Unit 221B assessed Deep Instinct’s claims that their Endpoint Protection Platform (EPP) product can automatically prevent unknown threats by using deep learning to identify patterns indicative of malicious behavior prior to execution on the endpoint.

The goal of this report is to share our knowledge about the most commonly used attack techniques and their use cases, so that security teams can adopt a more threat- centric approach and prioritize threat prevention, detection, and response efforts.

CyberEdge’s annual Cyberthreat Defense Report (CDR) plays a unique role in the IT security industry. Other surveys do a great job of collecting statistics on cyberattacks and data breaches and exploring the techniques of cybercriminals and other bad actors. Our mission is to provide deep insight into the minds of IT security professionals.

The 2023 State of Security Report surveyed over 240 cybersecurity professionals from North American to reveal the key challenges cybersecurity teams are facing, how they solve cyber issues, and the security technologies organizations prioritize.

To celebrate Sysadmin Day 2021, we surveyed 732 sysadmins from a variety of organizations worldwide to learn how the exceptionally weird year affected them and their organizations. This special report details what we discovered and celebrates the power and resistance of sysadmins, the very heart of the IT force!

This Remote Workforce Security Report reveals the state of securing the new workforce. The report explores key challenges and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. Securing the remote workforce has become a critical priority for organizations affected by the closing of offices and workplaces in the wake of the ongoing COVID-19 pandemic.

The State of Remote Work Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets.

The 2021 BYOD Security Report reveals these security challenges and offers fresh insights on the state of securing mobility, the technology choices organizations are making, and their response to the growing security risks associated with remote work and enterprise mobility.

The 2021 Malware Report is to reveal the latest malware security trends, challenges, and investment priorities. Malware is continuously evolving and organizations are facing significant challenges in responding to the threat and protecting their IT environments against new types of viruses, worms, spyware, ransomware, and crypto-jacking malware.

Malware and ransomware continue to wreak havoc as some of the most destructive security threats affecting organization of all sizes, from SMBs to large enterprise and government agencies. This report is to reveal the latest malware security trends, challenges, and investment priorities.

This report is based on the results of a comprehensive online survey of 225 cybersecurity professionals, to gain more insight into the latest trends, key challenges, and solutions for malware and ransomware security. The respondents range from technical executives to managers and iT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

This report represents a global outlook and is based on over 700,000 unique endpoints distributed around the world. Most of the statistics discussed focus on threats for Windows operating systems, as they are much more prevalent compared to macOS and Linux.