Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Pen Testing

Below you will find reports with the tag of “Pen Testing”

image from The Offsec Shift Report

The Offsec Shift Report

The OffSec Shift Report reveals how organizations are adapting to bring both defensive and offensive strategies to the cybersecurity battle. The past year was hard on cybersecurity teams. The persistent economic downturn led to 39% of organizations deprioritizing their cybersecurity strategy.

(more available)
Added: October 30, 2024
image from OWASP MASVS Benchmark Report

OWASP MASVS Benchmark Report

OWASP MASVS sets a minimum bar for mobile app developers to follow when building apps securely and provides security teams with the ideal testing strategy as part of the organization’s proof of controls. NowSecure benchmark mobile application security testing analysis shows 95% of nearly 6,500 leading mobile apps fail at least one of the seven OWASP MASVS categories.

(more available)
Added: September 4, 2024
image from The State of Pentesting Report 2024

The State of Pentesting Report 2024

In the ever-evolving landscape of cybersecurity, the significance of security testing cannot be overstated. As we delve into the 2023 trends, it’s clear that penetration testing remains the cornerstone of a robust security strategy. we’ve observed a substantial 31% increase in manual pentest engagements, highlighting a growing reliance on this building block of security.

(more available)
Added: August 23, 2024
image from SANS Application & API Security Survey 2024

SANS Application & API Security Survey 2024

In this report, one clear finding from the survey was that it is important to test throughout the application lifecycle using a variety of methods. Although testing early continues to be important, having visibility into and being able to monitor and test deployed applications is still critical. Although security testing capabilities have also improved, the value of individual testing capabilities has changed in response to increased threats and changing application architectures.

(more available)
Added: August 10, 2024
image from The 2022 Attack Resistance Report

The 2022 Attack Resistance Report

Several trends in the way we work and consume technology have resulted in an ever-expanding cyberattack surface for organizations of all sizes. Comprehensive digital transformation across enterprises, the rise in cloud adoption, the normalization of working from anywhere, and Internet of Things (IoT) initiatives have resulted in an explosion of new applications, along with an increased rate of iterations and updates.

(more available)
Added: May 31, 2024
image from Hacker-Powered Security Report: Industry Insights '21

Hacker-Powered Security Report: Industry Insights '21

HackerOne’s Hacker-Powered Security Report: Industry Insights leverages data from real-world vulnerability reports to provide insight into the fastest-growing vulnerability categories, how bounty prices are changing year over year, and which industries are fastest to fix. The most innovative CISOs stay ahead of cybersecurity threats and mitigate vulnerabilities by augmenting internal teams and security testing tools with a skilled and engaged hacking community.

(more available)
Added: May 22, 2024
image from Hacker-Powered Security Report Financial Services Edition 2022

Hacker-Powered Security Report Financial Services Edition 2022

In this year’s Hacker-Powered Security Report: Financial Services, we look at what drives ethical hackers, where they focus their energies, and what they’re doing to help financial services companies improve their security profile. In the past year, the hacking community has found over 65,000 customer vulnerabilities. Financial services continues to be among the most popular industries for ethical hackers to work on, and vulnerabilities in web applications are by far the most commonly reported issues in the industry

(more available)
Added: May 21, 2024
image from The 2024 Vulnerability Statistics Report

The 2024 Vulnerability Statistics Report

The 9th edition of the Edgescan Vulnerability Stats Report 2024. This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2023. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses. The report provides a statistical model of the most common weaknesses faced by organizations to enable data-driven decisions for managing risks and exposures more effectively.

(more available)
Added: April 8, 2024
image from Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017-2023

Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017-2023

Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by only a few groups and those widely exploited by several. Each category necessitates different defense strategies. Groups targeting specific vulnerabilities tend to follow particular patterns, enabling companies to prioritize defenses and audits. To defend against unique exploitation, understanding the likely targets and vulnerability types is crucial. Looking ahead to 2024, advancements in generative AI may lower the technical barrier for cybercriminals, facilitating the exploitation of more zero-day vulnerabilities.

(more available)
Added: February 26, 2024
image from 2023 Impact Report

2023 Impact Report

This annual report features the work of 37 sophisticated cybersecurity teams working in partnership to advance 29 open-source projects that improve cyber defense for the whole community. This report captures the energy and passion that Center Participants bring to advancing threat- informed defense for all. Use it as a reference and share it with your teams and colleagues to further change the game on the adversary.

(more available)
Added: February 26, 2024
image from Hacker Powered Security Report 2023

Hacker Powered Security Report 2023

The 7th annual Hacker-Powered Security Report goes deeper than ever before with customer insights, in addition to the opinions of some of the world’s top hackers. We also take a more comprehensive look at the top ten vulnerabilities and how various industries are performing when it comes to incentivizing hackers to find the vulnerabilities that are most important to them.

(more available)
Added: December 15, 2023
image from Security Navigator 2024

Security Navigator 2024

The Security Navigator reflects first and foremost the reality of the conflictual nature of cyber warfare. It mirrors the disinhibition of threat actors motivated by state strategies or hacktivism as well as criminal opportunities. In this environment, espionage, sabotage, disinformation and extortion are becoming increasingly intertwined. This document is also intended to become the cornerstone of the partnership of trust that we wish to build with you. It must enrich our debates within a community that is still too isolated.

(more available)
Added: December 5, 2023
image from Coalfire's 5th Annual Penetration Risk Report

Coalfire's 5th Annual Penetration Risk Report

Coalfire’s 5th Annual Penetration Risk Report confirms that enterprise security teams in key industry sectors are starting to embrace continuous penetration testing as a core component of a comprehensive defensive strategy. The report reveals gaps on an expanding attack surface, showing that organizations face ever-greater difficulties mitigating modern attacks.

(more available)
Added: September 26, 2023
image from 2022 Attack Vectors Report

2022 Attack Vectors Report

For this year’s report, we have incorporated additional data from previous years to provide an enhanced view of the present threat climate. Additionally, given the prevalence of internal compromises over external, we chose to focus the bulk of our analysis on internal attack vectors, and then compared this data to maturity scores.

(more available)
Added: August 8, 2023
image from SANS 2023 SOC Survey

SANS 2023 SOC Survey

In this, our seventh annual survey, we added many questions but didn’t really take any away. Our new areas of focus include operational threat hunting, threat intelligence, data ingestion into the SIEM, and SOAR, as well as more detailed questions relevant to staff hiring and retention.

(more available)
Added: June 27, 2023
image from Technical Threat Report 2021

Technical Threat Report 2021

This report, based on VMware’s experience with a diverse customer base, offers a comprehensive look at Linux-based malware threats to multi-cloud environments. It highlights the unique characteristics of this class of threats and provides guidance on how combining endpoint detection and response (EDR) and network detection and response (NDR) solutions can help organizations stay ahead of the threats Linux-based malware poses.

(more available)
Added: May 4, 2023
image from 2022 Vulnerability Statistics Report

2022 Vulnerability Statistics Report

The Edgescan report has become a reliable source for truly representing the global state of cyber security vulnerability management. This is becoming more evident as our unique dataset is now also part of other annual security analysis reports, such as the Verizon DBIR (we are happy contributors for many years now). This year we examined vulnerability metrics from a known vulnerability (CVE), Malware, Ransomware and visibility standpoint (exposed services), coupling both internal and public Internet-facing systems. We also take a look at how quick we are fixing various vulnerabilities based on risk.

(more available)
Added: April 26, 2023
image from The State of Pentesting 2023

The State of Pentesting 2023

Cobalt’s 5th edition of The State of Pentesting explores this question, tapping into data from 3,100 pentests and over 1,000 responses from security practitioners in the United States, the United Kingdom, and Germany. Disruption, transformation, volatility — Top 5 most prevalent security issues whichever keyword fits your style, it all points to one fact: change is the constant security teams have had to live by for years.

(more available)
Added: April 14, 2023
image from 2023 Vulnerability Statistics Report 8th Edition

2023 Vulnerability Statistics Report 8th Edition

This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2022. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses.

(more available)
Added: April 12, 2023
image from Reducing Cyber Risk

Reducing Cyber Risk

This white paper breaks down existing methods of preventative cyber security and deep dives into Darktrace PREVENT: a product family that combines many of the best aspects of existing methods in an end-to-end, AI-powered solution.

(more available)
Added: April 3, 2023
image from The Threat Report Fall (Q3) 2022

The Threat Report Fall (Q3) 2022

In the third quarter of 2022, Trellix delivered a new, powerful resource to support the future of extended detection and response (XDR) and cybersecurity. The first Threat Report presented by the Trellix Advanced Research Center, showcases the rapid research and real-time intelligence resources with notable data and findings from Q3 2022 including: Increased threats to Transportations and Shipping sectors, Increased threats to Germany and The proliferation of old CVEs from 2016, 2017, 2018 - as the most commonly exploited in 2022.

(more available)
Added: February 27, 2023
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
© Cyentia Institute 2025
Library updated: June 21, 2025 12:08 UTC (build b1d7be4)