A review of web application vulnerabilities as seen through Acuentix’s web scans between March 2019 and February 2020.

FireMon’s second annual State of Hybrid Cloud Security report dives into how the proliferation of cloud environments is impacting enterprises and their ability to scale and protect them. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of over 40 manufacturing sector firms to better understand the means and metrics of vulnerability management with the sector. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 30 healthcare sector firms to better understand the means and metrics of vulnerability management with the sector. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 100 finance sector firms to better understand the means and metrics of vulnerability management with the sector. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 70 technology services to better understand the means and metrics of vulnerability management with the sector. (more available)

A review of lessons learned over the past year from Rapid7’s penetration testing services. Combined with survey day on social engineering and red team simulations of 206 engagements. (more available)

This mid year report covers publicly disclosed data breaches first reported between January 1, 2020 and June 30, 2020 and compares current observations to the same time period for prior years. (more available)

This report focuses on an analysis of security controls effectiveness across the multiple stages of attack lifecycles within 11 global industries. (more available)

The 2020 edition of this annual survey based report on cloud adoption, migration, and security trends. Drawn from a pool of 750 global respondents with roles in evaluatng, purchasing, and managing cybersecurity products and with a high level of familiarity of their organizaiton’s public cloud use. (more available)

A survey of over 3,500 IT managers with data and workloads in the public cloud.

DivvyCloud researchers compiled this report to substantiate the growing trend of breaches caused by cloud misconfigurations, quantify their impact to companies and consumers around the world, and identify factors that may increase the likelihood a company will suffer such a breach. (more available)

Using case data from IBM’s external incident response service involvement in cloud-related security incidents over 2019, this report covers threat actors, threat actions, common control weaknesses, and makes recommendations for increase cloud security postures. (more available)

As more organizations move to the cloud and public cloud platforms gain more users and offer more services, cybercriminals will find ways to launch attacks and profit from compromise. (more available)

This report is based off the findings of a deep analysis of vulnerabilities in BAS. The results are grouped into four areas then published. (more available)

2020 edition of the Unit 42 Cloud Threat Report, ourteam of elite cloud threat researchers focused theirattention on the practices of DevOps. (more available)

A survey-based review of how and why organizations are adopting cloud technologies, specifically from a business growth perspective. Makes some specific recommendations and has discussion on CASB solutions. (more available)

This report covers penetration prevention in the last year. It covers changes in penetration prevention such as the levels of risk incurred by applications, the way the shift to the cloud affects risk, and how the size of the business affects risk. (more available)

A survey based report on the attitudes and beliefs of security professionals to the challenges and opportunities in cloud security.

From the report, “How do we actually “play the hacker”? We do this by deploying simulators that play the role of a “virtual hacker” across endpoints, network and cloud, and execute breach methods from our hacker’s playbook. (more available)

This case study, focuses on one of Claroty’s power plant installations. It illustrates challenges and solutions that are both unique to the power generation sub-segment, as well those that apply to the broader context of OT cybersecurity. (more available)