For the 2020 Duo Trusted Access Report, our data shows that more organizations across all industries are enabling their workforces to work from home now, and potentially for an extended period of time. (more available)

For The 2019 Duo Trusted Access Report, our data shows that Duo customers across all industries are starting to implement zero-trust security principles to secure their workforce. (more available)

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. (more available)

From Q2 to Q3 2021, ransomware gained increasing attention. In Q3 2021, threat actors also continued mass exploitation of vulnerabilities in systems, including those in Microsoft Exchange. (more available)

This report is an in-depth analysis of tens of thousands of threats detected across our customers' environments, this research arms security leaders and their teams with a unique understanding of the threats they’re facing. (more available)

This report is based on in-depth analysis of roughly 20,000 confirmed threats detected across our customers' environments, this research arms security leaders and their teams with actionable insights into the malicious activity and techniques we observe most frequently. (more available)

This report looks at the entire history of active applications, not just the activity associated with the application over one year. (more available)

This annual report looks at changes in internet of things security.

This article offers a glimpse into the inner workings of the Interplanetary Storm botnet, provides an exhaustive technical analysis of the Golang-written binaries along with an overview of the protocol internals and finally, some attribution information. (more available)

This is a report based on a 2020 survey of remote workers. It emphasizes the disconnect between the company and the worker associated with remote work. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of over 40 manufacturing sector firms to better understand the means and metrics of vulnerability management with the sector. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 30 healthcare sector firms to better understand the means and metrics of vulnerability management with the sector. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 100 finance sector firms to better understand the means and metrics of vulnerability management with the sector. (more available)

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 70 technology services to better understand the means and metrics of vulnerability management with the sector. (more available)

The 2020 OSSRA includes insights and recommendations to help security, risk, legal, and development teams better understand the open source security and license risk landscape. (more available)

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms. (more available)

A survey of 166 US health information security professionals. Discusses the prevalence of significant security events (primarily e-mail based), positive advances in healthcare security, the threat of complacency when managing programs, and area where there are control gaps. (more available)

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

Covers the long tail of vulnerability patching, whereby vulnerabilities that are not fixed soon after detection can linger for months or more before being addressed. (more available)

A look at the unique threat and risk landscape of the manufacturing industry. Discussing the challenges brought about by Industry 4. (more available)

We built our 2020 Threat Insights Report on this foundation, to help guide you in protecting against what’s to come. Because moving forward, the right combination of protections is not a difference between one cybersecurity solution or another; it’s the difference between being protected against tomorrow’s threats or becoming their prey. (more available)