The 2022 Vulnerability Management Report is based on a comprehensive survey of over 390 cybersecurity professionals in September 2022 to gain insights into the latest trends, key challenges and solutions preferences for vulnerability management.

The 2022 State of Security Posture Report reveals that cybersecurity teams are struggling to measure and improve their security posture as their organizations move to the cloud and as their leadership increasingly expects them to measure cyber risk in monetary terms due to the rise of ransomware and the general impact of cyber attacks to business.

In this report, the findings show that in order to resolve the attack surface management challenges facing organizations, IT and security teams need to invest in solutions that automate and centralize monitoring of internet-facing assets and provide greater insights into vulnerabilities.

Organizational leaders of all types understand that ransomware can cause extreme damage to the organization’s ability function and, in some cases, even survive. Ransomware is not just an IT issue but a situation involving the highest levels of management, including the CEO. Ransomware attacks can be so significant that they trigger a disaster response using traditional disaster recovery (DR) tools and methods.

As companies embrace cloud native technologies as part of their digital transformation, security is seen as a key factor to building successful platforms. While only 36% of respondents stated that security was one of the main reasons for moving their production applications into containers, 99% of respondents recognize that security as an important element in their cloud native strategy.

In May 2022, over 5,000 DevOps professionals shared details about their teams and practices. Despite a challenging business environment, strong momentum continued in automation, release cadences, and cutting-edge technology adoption. Secure software development is now an imperative for DevOps teams around the world. It’s the number one reason for - and benefits of - DevOps platform usage.

For the fourth year in a row, we asked DevOps teams to tell the truth about their practices and processes, their challenges and their careers. With a global pandemic swirling, we were surprised when nearly 4,300 people took time to do just that this past February. In 2021, teams are poised to step out of the DevOps “culture” battle and into the real work of technology implementation and (surprisingly) upbeat results.

The scourge of ransomware has resulted in an entire ecosystem necessary to combat its spread and prevent organizations from becoming victims of an increasingly motivated set of criminals. Our research, which gleaned insights from close to 400 survey responses in July of 2022, provides key data points that infer strong correlation between organizations with board involvement in ransomware preparedness and positive outcomes related to it.

This report summarizes our findings and provides a resource for benchmarking an organization’s approach to risk oversight against current practices. In addition to highlighting key findings for the full sample of 560 respondents, we also separately report many of the key findings for the following subgroups of respondents: 152 large organizations (those with revenues greater than $1 billion), 129 publicly traded companies, 151 financial services entities and 156 not-for-profit organizations.

The eleventh annual Flexera 2022 State of the Cloud Report (previously known as the RightScale State of the Cloud Report) explores the thinking of 753 respondents from a survey conducted in late 2021. It highlighted year-over-year (YoY) changes to help identify trends. The respondents global cloud decision-makers and users-revealed their experiences and insights about the public, private and multi-cloud market.

In this report, we show how this combination of AI and automation can deliver substantially better performance, whether in the form of speed, insights, or flexibility. These performance improvements enable cybersecurity teams to shift their focus to what really matters: proactively protecting against, detecting, responding to, and recovering from threats while reducing costs and complexity.

We wanted to gain insights into the experience of security teams who are at the helm of their organization’s detection and response operations and uncover more about what they experience each day. We surveyed over 400 security engineers and analysts to understand the current state of detection and response.

In this report, you will find details about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries.

In this report, you will find further detail about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries.

Today, data is a company’s most valuable asset, leading many to invest in Insider Risk Management programs. Recent trends around employee turnover and remote work have created unprecedented challenges for security teams to protect valuable data from leaving the company. There needs to be most investments around educating the Broad, training employees, and increasing visibility to data movement.

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation.

The goal of the study was to provide a state-of-the-market on third-party risk with actionable recommendations that organizations can take to grow and mature their programs across every stage of the third-party risk lifecycle.

The information included in this report is summary data from the pentesting performed in 2018. Additionally, we provide survey data from respondents in security, management, operations, DevOps, product, and developer roles.

The report evaluates the responses of 465 global IT professionals who manage, advise, and participate in ITAM, SAM, and HAM activities in organizations of 1,000 or more employees. The insights gleaned from these responses provide vision into the strategic initiatives across these ITAM practices and practitioners.

This report looks at the entire history of active applications, not just the activity associated with the application over one year. By doing so, we can view the full life cycle of applications, which results in more accurate metrics and observations. Aside from looking at the past, this report also imagines the future by considering practices that might help improve application security.

This report creates an overall picture of the cybersecurity capabilities of public power utilities. Moreover, it supports the previous year’s findings and provides a consistent approach for supporting DOE’s Multiyear Plan for Energy Sector Cybersecurity.