Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Misconfiguration

Below you will find reports with the tag of “Misconfiguration”

image from Global Threat Report 2024

Global Threat Report 2024

The threat landscape is dynamic and reactive — a new technique empowers a previously unknown threat group, vendors swarm to mitigate that threat and create new technologies in the process, operators on both sides seek out new techniques or tools, and so it goes. Elastic Security provides mechanisms to detect and mitigate malware on all major desktop operating systems (OS). For these purposes, malware is any software developed to facilitate adversary actions, disrupt legitimate activities, or otherwise cause harm to a computer or network.

(more available)
Added: February 19, 2025
image from 2024 Software Vulnerability Snapshot

2024 Software Vulnerability Snapshot

The findings provide insights into the current state of security for web-based applications and systems, and the potential impact of security vulnerabilities on business operations in high-risk sectors. The report examines how DAST offers a crucial complement to other security testing methods, such as static application security testing (SAST) and software composition analysis (SCA), and provides a unique perspective on application security by mimicking real-world attack scenarios.

(more available)
Added: February 19, 2025
image from The State of Non-Human Identity Security

The State of Non-Human Identity Security

Non-human identities (NHIs) such as bots, API keys, service accounts, OAuth tokens, and secrets are indispensable for automating tasks, enhancing efficiency, and driving innovation within organizations. The survey provides insights into their opinions about their current NHI security, the obstacles they’re facing, and the strategies and tools they’re using. The aim is to shed light on the current state of NHI security and identify areas for improvement.

(more available)
Added: September 16, 2024
image from H2 2024 Threat Horizons Report

H2 2024 Threat Horizons Report

The Google Cloud Cybersecurity Forecast 2024 report predicted that cyber criminals and nation-state cyber operators will more heavily leverage server-less technologies within the cloud because it offers greater scalability, flexibility, and can be deployed using automated tools. The report focuses on recommendations for mitigating risks and improving cloud security for cloud security leaders and practitioners.

(more available)
Added: July 18, 2024
image from Unit 42 Attack Surface Threat Report

Unit 42 Attack Surface Threat Report

Unit 42 analyzed several petabytes of public internet data collected by Cortex Xpanse — the Palo Alto Networks attack surface management solution — in 2022 and 2023. This report outlines aggregate statistics about how attack surfaces worldwide are changing and drills down into particular risks that are most relevant to the market. Today’s attackers have the ability to scan the entire IPv4 address space for vulnerable targets in minutes.

(more available)
Added: July 12, 2024
image from The 2024 State of Exposure Management

The 2024 State of Exposure Management

This report presents key insights drawn from hundreds of thousands of attack path assessments conducted through the XM Cyber Continuous Exposure Management (CEM) platform during 2023. These assessments uncovered over 40 million exposures affecting 11.5 million entities deemed critical to business operations. Data gathered from the XM Cyber platform were anonymized and provided to Cyentia Institute for independent analysis to generate the insights.

(more available)
Added: May 7, 2024
image from The 2023 State of Security Leadership

The 2023 State of Security Leadership

This research demonstrates the continual progression of a cybersecurity conundrum that has become an unfortunate but permanent part of the digital environment. Progress is being made, but new fronts open up and new challenges emerge in a seemingly endless cycle. As the need for security rises to a board level concern, cyber leaders are facing more strategic issues to defend against, even while ongoing threats persist. As those security leaders stand to meet the threats, it behooves organizational leaders to provide the support and resources necessary to help enable those they must count on to keep their enterprises safe.

(more available)
Added: April 8, 2024
image from The Identity Underground Report

The Identity Underground Report

This report is the first attempt to map out the most critical identity security weaknesses in the hybrid enterprise environment. These Identity Threat Exposures (ITEs), gathered from hundreds of live production environments, are the key weaknesses that allow attackers to access credentials, escalate privileges and move laterally, both on-prem and in the cloud.

(more available)
Added: April 3, 2024
image from 2024 Fortra State of Cybersecurity Survey Results

2024 Fortra State of Cybersecurity Survey Results

Our respondents were asked to open up about the challenges they’ve faced while securing their digital enterprises over the past year. We are at a critical juncture in digital transformation. The distributed workforce is now the norm, and companies must support remote productivity of which cloud will play a key role. This requires leaders to plan security for hybrid infrastructure – a distinct departure from the inherited on-premises strategies of most organizations. That’s why there is a lot to learn from this year’s temperature check on the industry.

(more available)
Added: February 14, 2024
image from Trend Micro Security Predictions for 2024

Trend Micro Security Predictions for 2024

2024 is poised to be a hotbed for new challenges in cybersecurity. As both economic and political terrains continue to undergo digitization, enterprises will increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims. In this report, we detail the focal points of next year’s threat landscape, along with insights and recommended mitigation measures from our team of cybersecurity experts that are designed to guide decision-makers toward well-informed choices.

(more available)
Added: February 7, 2024
image from Cyber attack readiness report 2023

Cyber attack readiness report 2023

To help businesses measure cyber attack readiness, we analyzed performance data from the 982 corporate security teams and 5,117 professionals who participated in our global CTF competition. HTB Business CTF: The Great Escape featured over 30 hacking challenges based on the live threat landscape covering areas such as forensics, blockchain, cloud, and more.

(more available)
Added: December 19, 2023
image from Cloud Detection and Response: Market Growth as an Enterprise Requirement

Cloud Detection and Response: Market Growth as an Enterprise Requirement

Increasingly dynamic cloud environments are presenting visibility challenges for security. Indeed, the majority of organizations claim that lack of access to physical networks, the dynamic nature of cloud-native applications, and elastic cloud infrastructure create blind spots, making security monitoring challenging. SOC teams need to address this cloud visibility gap by collecting, processing, monitoring, and acting upon information from an assortment of cloud security telemetry sources.

(more available)
Added: November 6, 2023
image from The 2023 State of the Internet Report

The 2023 State of the Internet Report

This year, we delve deeper into web entities, or content served over HTTP – think websites, web-based control panels, load balancers, and even APIs. Web entities have become a ubiquitous part of our daily lives, enabling us to shop, read the news, and stay in touch with loved ones. Our goal is to share our findings and analysis with the community to provide a deeper understanding of the complexities of the internet. We hope that readers can use these findings to enhance their understanding of the services that comprise the web and make more informed decisions about how to safeguard their digital assets.

(more available)
Added: November 6, 2023
image from The Future of Cloud Security

The Future of Cloud Security

Cloud security risks and vulnerabilities are on the rise and 30% of businesses fail to apply adequate security controls or provide the tools security and DevOps engineers really need to solve this problem. Unprecedented and rapid expansion to the cloud, prompted by many organizations’ digital transformation also means that cloud services are expanding faster than ever before. AWS alone has experienced over 1000% growth in services since 2013.

(more available)
Added: October 18, 2023
image from State of Play Report

State of Play Report

The United Kingdom’s National Cyber Security Centre (NCSC) found that cyberattacks against sports organizations are increasingly common, with 70% of those surveyed experiencing at least one attack per year, significantly higher than the average across businesses in the United Kingdom. In this edition we offer first hand learnings about how threat actors assess and infiltrate these environments across venues, teams, and critical infrastructure around the event itself.

(more available)
Added: October 10, 2023
image from Coalfire's 5th Annual Penetration Risk Report

Coalfire's 5th Annual Penetration Risk Report

Coalfire’s 5th Annual Penetration Risk Report confirms that enterprise security teams in key industry sectors are starting to embrace continuous penetration testing as a core component of a comprehensive defensive strategy. The report reveals gaps on an expanding attack surface, showing that organizations face ever-greater difficulties mitigating modern attacks.

(more available)
Added: September 26, 2023
image from The Annual SaaS Security Survey Report

The Annual SaaS Security Survey Report

Adaptive Shield commissioned CSA to develop a survey and report to better understand the industry’s knowledge, attitudes, and opinions regarding SaaS application use, SaaS security policies and processes, SaaS threats, and SaaS security strategy/solutions. Adaptive Shield financed the project and co-developed the questionnaire with CSA research analysts. The survey was conducted online by CSA in March of 2023 and received 1130 responses from IT and security professionals from organizations of various sizes and locations. CSA’s research analysts performed the data analysis and interpretation for this report.

(more available)
Added: August 3, 2023
image from The State of Cyber Assets Report 2022

The State of Cyber Assets Report 2022

In this first-ever SCAR report, we analyzed over 370 million cyber assets, findings, and policies across almost 1,300 organizations to better understand today’s cyber asset landscape. The data in this report helps security operations, engineers, practitioners and leaders understand cyber assets, liabilities, attack surfaces, and there relationships to each other in the modern enterprise.

(more available)
Added: June 19, 2023
image from Identify and Mitigate Risks of Privilege Escalation on Windows and Linux Endpoints

Identify and Mitigate Risks of Privilege Escalation on Windows and Linux Endpoints

In this white paper, you’ll learn how to combat unwanted privilege escalation by reverse engineering the tactics that cybercriminals use. By seeing the world through the eyes of a hacker you’ll be able to identity the red flags of privileged-account attacks. And, you’ll know which techniques and tools to use to mitigate them.

(more available)
Added: June 6, 2023
image from 2023 Cloud Security Report

2023 Cloud Security Report

This 2023 Cloud Security Report surveyed 752 cybersecurity professionals to reveal key challenges and priorities. In 2023, the cloud is fundamentally delivering on its promised business outcomes, including flexible capacity and scalability, increased agility, improved availability, and accelerated deployment and provisioning.

(more available)
Added: May 3, 2023
image from 2022 Cloud Security Threats

2022 Cloud Security Threats

This report is based on our research and experience from the past year in securing enterprise cloud environments. We chose to focus on novel, notable, and high-impact risks that we believe you should be familiar with and include in your cloud security strategy for 2022.

(more available)
Added: May 3, 2023
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
© Cyentia Institute 2025
Library updated: June 21, 2025 12:08 UTC (build b1d7be4)