Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Misconfiguration

Below you will find reports with the tag of “Misconfiguration”

image from Cloud Adoption and Risk Report: Business Growth Edition

Cloud Adoption and Risk Report: Business Growth Edition

A survey-based review of how and why organizations are adopting cloud technologies, specifically from a business growth perspective. Makes some specific recommendations and has discussion on CASB solutions.

(more available)
Added: February 12, 2020
image from 2nd Annual Penetration Risk Report 2019

2nd Annual Penetration Risk Report 2019

This report covers penetration prevention in the last year. It covers changes in penetration prevention such as the levels of risk incurred by applications, the way the shift to the cloud affects risk, and how the size of the business affects risk.

(more available)
Added: February 12, 2020
image from Cloud Security Report

Cloud Security Report

A survey based report on the attitudes and beliefs of security professionals to the challenges and opportunities in cloud security.

(more available)
Added: October 1, 2019
image from Hacker's Playbook 2nd Edition Q4 2016

Hacker's Playbook 2nd Edition Q4 2016

From the report, “How do we actually “play the hacker”? We do this by deploying simulators that play the role of a “virtual hacker” across endpoints, network and cloud, and execute breach methods from our hacker’s playbook. Our findings are incorporated in this report, and analyzed by SafeBreach Labs, with the hope that security teams can glean some interesting insights into the things not to do in their environment.”

(more available)
Added: July 10, 2019
image from Industrial Networks Secured

Industrial Networks Secured

This case study, focuses on one of Claroty’s power plant installations. It illustrates challenges and solutions that are both unique to the power generation sub-segment, as well those that apply to the broader context of OT cybersecurity.

(more available)
Added: March 9, 2019
image from Top Three Use Cases: Automated OT Asset Discovery and Management

Top Three Use Cases: Automated OT Asset Discovery and Management

This report takes an inside look at Industrial Control Systems and the need for them to be updated for the new Cyber Security Threats.

(more available)
Added: March 9, 2019
image from Major 3rd-PARTY Data Breaches of 2018

Major 3rd-PARTY Data Breaches of 2018

3rd-party (aka supply-chain) cyber attacks were one of the main reasons for major data breaches in 2018. Here is a recap of 3rd-party data breaches that hit the news in 2018

(more available)
Added: March 6, 2019
image from Cloud And Hybrid Environments: The State Of Security

Cloud And Hybrid Environments: The State Of Security

AlgoSec recently surveyed 450 C-level executives and senior security and network professionals to investigate the hybrid cloud security strategies of their organizations. The survey revealed that many organizations are embracing hybrid cloud as part of their enterprise infrastructure, and plan to increase their adoption of cloud platforms over the next three years. However, the majority of enterprises do have some serious security concerns and encounter significant challenges when managing security across hybrid environments, both during and after cloud migrations.

(more available)
Added: February 17, 2019
image from Cyber Defender Strategies: What Your Vulnerability Assessment Practices Reveal

Cyber Defender Strategies: What Your Vulnerability Assessment Practices Reveal

In this report we analyze real-world end-user vulnerability assessment (VA) behavior using a machine learning (ML) algorithm to identify four distinct strategies, or “styles.” These are based on five VA key performance indicators (KPIs) which correlate to VA maturity characteristics. This study specifically focuses on key performance indicators associated with the Discover and Assess stages of the five-phase Cyber Exposure Lifecycle. During the first phase – Discover – assets are identified and mapped for visibility across any computing environment. The second phase – Assess – involves understanding the state of all assets, including vulnerabilities, misconfigurations, and other health indicators. While these are only two phases of a longer process, together they decisively determine the scope and pace of subsequent phases, such as prioritization and remediation. The actual behavior of each individual enterprise in the data set, in reality, exhibits a mixture of all VA Styles. For the purposes of this work, enterprises are assigned to the specific style group with which they most closely align. We provide the global distribution of VA Styles, as well as a distribution across major industry verticals.

(more available)
Added: February 12, 2019
image from CVE Publishing: A Race to Protect Against Dark Web Threat Actors Trying to Exploit

CVE Publishing: A Race to Protect Against Dark Web Threat Actors Trying to Exploit

This is a threat focus report on Drupalgeddon2

Added: January 31, 2019
image from Asssessing the DNS Security Risk

Asssessing the DNS Security Risk

Ponemon Institute is pleased to present the findings of Assessing the DNS Security Risk, sponsored by Infoblox. The purpose of this study is to understand the ability of organizations to assess and mitigate DNS risks. As part of the research, an online index has been created to provide a global measure of organizations’ exposure to DNS security risks and assist them in their response to DNS security risks.

(more available)
Added: January 15, 2019
image from Cyber Intrusion Services Casebook 2018

Cyber Intrusion Services Casebook 2018

From the report, “This casebook presents some of the findings and recommendations we’ve made in key engagements across a representative sample of the work we performed last year. We dig into: Emerging and notable trends, Examples of ill-prepared organizations and the devastating effects of the breaches they suffered, Essential recommendations to prevent companies from becoming another statistic of poor security planning and execution. This casebook also underscores the expertise of our team and the important work we’re doing at CrowdStrike® Services. As you read the case studies, you will see that CrowdStrike stands shoulder-to-shoulder with our clients as we work together to stop adversaries and repair damage. But this casebook is not just for CrowdStrike clients — we want everyone to become better prepared to overcome their adversaries in 2019.”

(more available)
Added: January 15, 2019
image from Endpoint Security Buyer's Guide

Endpoint Security Buyer's Guide

This guide is designed to help enterprises endpoint security solutions.

Added: December 29, 2018
image from Too Much Information

Too Much Information

In this research, Digital Shadows assessed the sensitive data exposed from some of the most ubiquitous file sharing services across the Internet. We found over twelve petabytes of publicly available data across open Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives.

(more available)
Added: December 5, 2018
image from Cyber Threat Brief: US Recognizes Jerusalem As Capital Of Israel

Cyber Threat Brief: US Recognizes Jerusalem As Capital Of Israel

This report takes a look at the cyber threats that occurred when the US recognized Jerusalem as the Capital of Israel.

(more available)
Added: November 29, 2018
image from SIEM For Beginners

SIEM For Beginners

Everything you wanted to know about log management but were afraid to ask.

Added: November 21, 2018
image from Cloud Adoption And Risk Report - 2019

Cloud Adoption And Risk Report - 2019

From the Report, “Through analysis of billions of anonymized cloud events across a broad set of enterprise organizations*, we can determine the current state of how the cloud is truly being used, and where our risk lies. Consider that nearly a quarter of data in the cloud is sensitive, and that sharing of sensitive data in the cloud has increased 53% year-over-year. If we don’t appropriately control access and protect our data from threats, we put our enterprises at risk.”

(more available)
Added: November 21, 2018
image from ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar

ViperRAT: The mobile APT targeting the Israeli Defense Force that should be on your radar

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware, including 11 new, unreported applications. We also discovered and analyzed live, misconfigured malicious command and control servers (C2), from which we were able to identify how the attacker gets new, infected apps to secretly install and the types of activities they are monitoring. In addition, we uncovered the IMEIs of the targeted individuals (IMEIs will not be shared publicly for the privacy and safety of the victims) as well as the types of exfiltrated content.

(more available)
Added: November 15, 2018
image from 2016 Vulnerability Statistics Report

2016 Vulnerability Statistics Report

This document discusses the vulnerabilities discovered by edgescanTM over the past year – 2016. The vulnerabilities discovered are a result of providing “Fullstack” continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises, From Telecoms & Media companies to Software Development, Gaming, Energy and Medical organisations. The statistics are based on the continuous security assessment & management of over 57,000 systems distributed globally.

(more available)
Added: October 26, 2018
image from 2015 Polish Internet Security Landscape

2015 Polish Internet Security Landscape

This is a yearly report based on the activities of CERT Polska for the year 2015. Polish authorities, well aware of the dangers, commissioned this report containing proposals for the organization of the defenses system of the syberspace of the Republic of Poland.

(more available)
Added: October 24, 2018
image from DDoS Threat Report Q4 2017

DDoS Threat Report Q4 2017

This report takes a look at the DDoS threats that occurred in the fourth quarter of 2017.

Added: October 23, 2018
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
© Cyentia Institute 2025
Library updated: June 21, 2025 12:08 UTC (build b1d7be4)