Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Metrics

Below you will find reports with the tag of “Metrics”

image from The DevSecOps Approach

The DevSecOps Approach

This report is essential reading for executives, security practitioners and development teams who want to better understand the present state of software security risk, and who seek to benchmark and improve their own organization’s performance.

(more available)
Added: September 18, 2019
image from 2019 State of the Software Supply Chain

2019 State of the Software Supply Chain

Now in its fifth year, Sonatype’s annual State of the Software Supply Chain Report examines the rapidly expanding supply and continued exponential growth in consumption of open source components. Their research also reveals best practices exhibited by exemplary open source software projects and exemplary commercial application development teams.

(more available)
Added: July 10, 2019
image from Leveraging Board Governance For Cybersecurity: The CISO/CIO Perspective

Leveraging Board Governance For Cybersecurity: The CISO/CIO Perspective

This report provides Advanced Cyber Security Center executives weighing in on the Board’s role as a strategic partner to management in balancing digital transformations and cybersecurity risks.

(more available)
Added: May 18, 2019
image from RiskSense Vulnerability Weaponization Insights

RiskSense Vulnerability Weaponization Insights

This Spotlight report provides in-depth analysis of vulnerabilities and weaponization patterns across the entire family of Adobe products. By focusing on weaponization, we go beyond simply counting vulnerabilities, and instead reveal how popular software from a leading vendor becomes a beacon for attackers. A significant number of these vulnerabilities are exploitable and have remote code execution capabilities, changing their status from a potential threat to an active and live cyber risk exposure point. While our findings naturally focus on the most recent data, the report includes more than 20 years of data from 1996 through 2018, allowing us to see long-term trends.

(more available)
Added: May 3, 2019
image from 2019 Vulnerability Statistics Report

2019 Vulnerability Statistics Report

From the report, “For our 4th Year running, welcome to the edgescan Vulnerability Stats Report. This report aims to demonstrate the state of full stack security based on edgescan data for 2018. The edgescan report has become a reliable source for truly representing the global state of cyber security. This year we took a deeper look at vulnerability metrics from a known vulnerability (CVE) and visibility standpoint. We still see high rates of known/patchable vulnerabilities which have working exploits in the wild, which possibly demonstrates it is hard to patch production systems effectively on a consistent basis.”

(more available)
Added: May 3, 2019
image from 2019 SANS Automation & Integration Survey

2019 SANS Automation & Integration Survey

Automation balances machine-based analysis with human-based domain knowledge to help organizations achieve optimal workflows in the face of staff shortages and alert fatigue, all caused by an increasing number of destructive threats. Yet, 59% of survey respondents indicate that their organizations use low levels or no automation of key security and incident response (IR) tasks. In this new SANS survey, we wanted to understand and explore some of the misconceptions versus facts around automation and what to do about it.

(more available)
Added: April 19, 2019
image from Boosting Organizational Success By Advancing Data Quality

Boosting Organizational Success By Advancing Data Quality

This paper will also explore the root causes of poor data quality and a solution for organizations seeking data quality improvement.

(more available)
Added: April 19, 2019
image from Prioritization to Prediction: Volume 2: Getting Real About Remediation

Prioritization to Prediction: Volume 2: Getting Real About Remediation

From the report, ““Realized coverage & efficiency vary greatly among firms—over 50% between top and bottom performers—indicating different remediation strategies lead to very different outcomes.” Where is your strategy leading?” Read on to find out more.

(more available)
Added: March 16, 2019
image from The New Combative Role of a Cyber Security Incident Response Program

The New Combative Role of a Cyber Security Incident Response Program

This report offers insights into why a CSIRT is crucial in today’s world. It provides some helpful tips and steps that can improve any organization’s response team.

(more available)
Added: March 6, 2019
image from State of Internal Audit 2018 - Impact and Opportunities

State of Internal Audit 2018 - Impact and Opportunities

From the Report, “When you are faced with multiple risks and regulatory requirements, as well as constantly-changing industry trends, how do you connect the dots? How do you bring all this information together in a way that is meaningful to your organization? MetricStream Research offers you a range of cutting-edge GRC research reports, insights, and analyses that empower you to make informed and effective decisions on your GRC Journey®. Through primary and secondary research, we analyze the latest GRC trends and developments, and transform this data into the intelligence you need to drive exceptional performance.”

(more available)
Added: March 6, 2019
image from Anticipating The Unkowns: Chief Information Security Officer (CISO) Benchmark Study

Anticipating The Unkowns: Chief Information Security Officer (CISO) Benchmark Study

This report reveals findings around the cybersecurity landscape. To inform this report they surveyed ,3,200 security leaders asking questions in three categories, Set Up - how do you set yourself up for success, Architecture - what is your approach to vender/solution selection, and finally Breach Readiness and Response.

(more available)
Added: March 6, 2019
image from 2019 Connectivity Benchmark Report

2019 Connectivity Benchmark Report

MuleSoft commissioned independent market research company Vanson Bourne to survey 650 IT leaders from global enterprises to discover: › What is the state of today’s digital transformation initiatives? › How is the role of IT evolving in the customer-centric era? › What are the top challenges IT organizations face? › Which strategies are enterprises adopting to get ahead of the market?

(more available)
Added: March 1, 2019
image from Pen Test Metrics 2018

Pen Test Metrics 2018

Here at Cobalt, we’ve done over 350 penetration tests to date. The information included in this report (Time to Fix, Vulnerability Types, Findings Criticality, Issues Fixed) is summary data from all of the penetration tests performed in 2017. Additionally, we provide survey data (Portfolio Coverage, Pen Test Frequency) from 75 respondents in security, management, operations, DevOps, product, and developer roles. All data has been anonymized to protect the privacy of our contributors.

(more available)
Added: February 18, 2019
image from The State of Payment Processing & Fraud: 2018

The State of Payment Processing & Fraud: 2018

The State of Payment Processing & Fraud: 2018 Inaugural Survey & Report is a first-of-its kind study brought to you by Kount and The Fraud Practice. The inaugural survey reached hundreds of acquirers, processors, gateways, payment facilitators and issuers to get their take on the state of the industry and what is most critical for attracting and retaining clients and growing processing volumes.

(more available)
Added: February 16, 2019
image from The State Of Chargebacks: 2018 Report

The State Of Chargebacks: 2018 Report

The State of Chargebacks: 2018 Report, brought to you by Kount and Chargebacks911, is intended to provide an overview of the health and status of chargeback management in the Card Not Present (CNP) payments space. It includes key facts and figures about chargebacks, dispute and win rates. In addition, participating organizations shared insights about the tools, services, and solutions they employ for fraud detection and chargeback management, as well as the greatest challenges they face.

(more available)
Added: February 16, 2019
image from The State Of Manual Reviews: 2018 Report

The State Of Manual Reviews: 2018 Report

The State of Manual Reviews: 2018 Report, brought to you by Kount and Paladin Group, provides survey results about manual review trends and best practices in the card-not-present (CNP) payments environment. It includes key performance indicators (KPIs) and demographic details related to participating merchants. In addition, participants in the survey shared insights about the tools, services, and solutions they employ for their manual review process.

(more available)
Added: February 16, 2019
image from The State of CNP False Positives: 2018 Report

The State of CNP False Positives: 2018 Report

Kount and The Fraud Practice designed the State of CNP False Positives survey because false positives are one of the least, if not the least, understood aspects of risk management. While merchants tend to focus directly on chargebacks and fraud losses, false positives are another major source of lost revenue but are often underestimated if not ignored altogether.

(more available)
Added: February 16, 2019
image from Fraud Prevention Industry Benchmarks: 2018 Report

Fraud Prevention Industry Benchmarks: 2018 Report

The Fraud Prevention Industry Benchmarks Survey was focused specifically on merchants doing business in the Card or Customer Not Present (CNP) channel. This study was designed to gain insights and information for comparison of key performance indicators (KPIs) such as manual review rates, chargeback rates, false positive rates and other metrics across different types of merchants, while the analysis report is intended to serve as an industry resource and point-of-reference for organizations looking to benchmark and compare the performance of their fraud prevention strategy against others in their vertical.

(more available)
Added: February 16, 2019
image from Third Party Risk: Why Real-Time Intelligence Matters

Third Party Risk: Why Real-Time Intelligence Matters

Abstract: Enterprises increasingly operate in a digitally interconnected world where third parties like suppliers, customers, channel partners, and others are often directly connected to their internal IT systems, and where their underlying IT infrastructure may be owned and managed by an outside organization. These business relationships can knowingly or unknowingly introduce different types of risks that need to be identified and managed as if these third parties were part of the enterprise itself. Recorded Future’s latest risk intelligence offering enables threat intelligence teams to better understand, monitor, and measure their real-time exposure to these third-party risks. Armed with this information, organizations can better assess and prioritize risk mitigation actions.

(more available)
Added: February 13, 2019
image from A New Timescale For Fraud Science: Insights From Our CSO

A New Timescale For Fraud Science: Insights From Our CSO

From the report, “At Feedzai, we recently completed a project: building a machine learning system to perform transaction fraud detection for a global payment service provider. This client does over a million transactions a day. We designed, trained, tested, and compared hundreds of models in just over a month. In the end we achieved a 16 percentage point increase in money recall with 20x fewer alerts. The fact that we’re continuing to deliver on projects of this scale, in this speed, makes me excited for the future. In this paper, I want to discuss why speed of data science matters, why we’re able to achieve it, and why it helps us deliver value for enterprises fighting fraud. ” Read on to find out more.

(more available)
Added: February 13, 2019
image from Misconceptions About Building a Machine Learning Platform For Risk

Misconceptions About Building a Machine Learning Platform For Risk

In this paper the CTO of Feedzai writes about several of the misconceptions related to organizations leveraging in-house resources to create their own machine learning system for risk. He discusses the lack of success surrounding those decisions.

(more available)
Added: February 13, 2019
  • ««
  • «
  • 4
  • 5
  • 6
  • 7
  • 8
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 1, 2025 08:08 UTC (build b1d7be4)