The goal of this survey was to understand the current state of SaaS security and misconfigurations. The survey was conducted online by CSA from January to February 2022 and received 340 responses from IT and security professionals from various organization sizes and locations. (more available)

This whitepaper explains a new vulnerability in Windows Server that is highly exploitable.

A survey of 400 public sector IT decision makers and influencers to determine challenges faced by public sector IT professionals, security threats, and cybersecurity capabilities. (more available)

The 2020 edition of this annual survey based report on cloud adoption, migration, and security trends. Drawn from a pool of 750 global respondents with roles in evaluatng, purchasing, and managing cybersecurity products and with a high level of familiarity of their organizaiton’s public cloud use. (more available)

Q1 2020 was an extremely turbulent time as the world dealt with the spread of COVID-19 and many businesses shifted to a fully remote work environment for the first time. (more available)

This is the fifth annual report from the Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board. HCSEC is a facility in Banbury, Oxfordshire, belonging to Huawei Technologies (UK) Co Ltd (Huawei UK), whose parent company, Huawei Technologies Co Ltd, is a Chinese headquartered company which is now one of the world’s largest telecommunications providers. (more available)

The data in this survey suggests that the role of the firewall in network security remains critical even as the network security landscape undergoes significant evolution and expansion. (more available)

FireMon is proud to present its 3rd Annual State of the Firewall Report based on 437 survey responses collected between November 16, 2016 and December 6, 2016. (more available)

IT security organizations today are judged on how they enable business transformation and innovation. They are tasked with delivering new applications to users and introducing new technologies that will capture new customers, improve productivity and lower costs. (more available)

From the report, “This technical whitepaper presents and discusses the concept of “Connectivity as Code”, a complementary concept to “Infrastructure as Code” (IaC), and we will explain how it can be incorporated into the DevOps lifecycle for a more agile application delivery. (more available)

From the report, “For the past six years, Puppet has produced the annual State of DevOps Report1 and collected more than 27,000 responses from technical professionals around the world, making it the longest-running and most comprehensive study on the topic of DevOps today. (more available)

From the report, “The Puppet 2018 State of DevOps Report took a new tack this year, seeking prescriptive guidance for teams to follow. (more available)

From the report, “This year we designed our DevOps survey to reveal what successful organizations actually do as they progress on their DevOps journeys. (more available)

The purpose of this document is to briefly describe the features of Necurs malware. During the analysis, we have been able to identify the different “features” and “capabilities” of the Necurs malware. (more available)

Many federal agencies have begun adoption of modern, agile approaches to software delivery, with the goal of building higher quality services faster and more cheaply. (more available)

As businesses continue to adopt both infrastructure-as-a-service (iaaS) and platform -as-a-service (PaaS) cloud platforms, S&r pros struggle to protect their organization’s valuable data while minimizing the threat surface of cloud and hybrid cloud workloads. (more available)

Keeping track of databases, and the associated data they host, turns out to be a significant challenge. This white paper presents a detailed approach to understanding the difficulties related to database discovery, and some solutions to those problems. (more available)

This report uniquely addresses SecOps initiatives in terms of role, team leadership, success rates, company size, vertical adoptions, and geography. It provides telling insights into technology priorities, process, and best practices and metrics for critical use cases—including integrated security/ compliance for performance and availability management, change and configuration management, and IT asset management and audits. (more available)

This threat advisory offers insight into the ROPEMAKER Email Exploit.

This is a brief playbook that gives a plan for how to get started with cloud security.

This report illustrates how organizations are implementing proper Cyber hygiene, if at all. To gather this data, Tripwire partnered with Dimensional Research, sending a survey to independent sources of IT security professionals. (more available)