Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Pen Testing

Below you will find reports with the tag of “Pen Testing”

image from The State of Pentesting 2021

The State of Pentesting 2021

This annual report covers data from 1,602 penetration tests conducted in 2020 as well as survey information from 601 firms in the pursuit of understanding secure development, vulnerability remediation, and opportunities for process improvements.

(more available)
Added: August 4, 2021
image from Cyber-Espionage Report

Cyber-Espionage Report

This inaugural report covers seven years of data from the DBIR as well as additional Verizon information, providing an overview of the cyber-espionage landscape. Attackers, motivations, methods, and victims are all focus areas.

(more available)
Added: July 30, 2021
image from Bulletproof Annual Cyber Security Industry Report 2020

Bulletproof Annual Cyber Security Industry Report 2020

Drawing from their managed SIEM, vulnerability scanning, and penetration testing practices, this report covers the key threat and compliance challenges over the 2019 calendar year.

(more available)
Added: October 19, 2020
image from Bulletproof Annual Cyber Security Report 2019

Bulletproof Annual Cyber Security Report 2019

Drawing from their managed SIEM, vulnerability scanning, and penetration testing services, this report reviews the key trends from the 2018 calendar year.

(more available)
Added: October 19, 2020
image from 4th Annual Hacker Powered Security Report

4th Annual Hacker Powered Security Report

This report goes into the hacking industry in 2020. It talks about the impact of hackers on security, bug bounty trends, and more.

(more available)
Added: October 8, 2020
image from Under the Hoodie 2019

Under the Hoodie 2019

A review of 180 engagements performed by Rapid7 consulting, supplemented by a survey of questions given to all Rapid7 consulting customers. Addresses lessons learned from this events.

(more available)
Added: August 28, 2020
image from Under the Hoodie 2020

Under the Hoodie 2020

A review of lessons learned over the past year from Rapid7’s penetration testing services. Combined with survey day on social engineering and red team simulations of 206 engagements.

(more available)
Added: August 28, 2020
image from Cyber security skills in the UK labour market

Cyber security skills in the UK labour market

A review of the cybersecurity job market in the UK, the nature and extent of skill gaps and shortages. A combination of surveys, qualitative research with firms, and a review of job postings.

(more available)
Added: July 27, 2020
image from Inside the Mind of a Hacker 2020

Inside the Mind of a Hacker 2020

The annual report on the composition and findings of security testing as powered by BugCrowd’s bug bounty platform of nearly 3,500 security testers.

(more available)
Added: June 23, 2020
image from The 2020 Hacker Report

The 2020 Hacker Report

The fourth annual report from Hacker One on the state of the open security testing community, using data from Hacker One’s bug bounty program.

(more available)
Added: June 23, 2020
image from M-Trends 2019

M-Trends 2019

Mandiant’s 2019 edition of their threat intel report. Focusing on significant trends in attack TTPs over the past calendar year.

(more available)
Added: May 14, 2020
image from Impact Report 2020

Impact Report 2020

As software proliferates and DevOps takes hold, we conducted this study to understand the impact of utilizing Pentest as a Service (PtaaS) vs. traditional pentesting services. Within the backdrop of modern software development practices and rising appsec priorities, our study found that DevOps is a driving force for pushing pentest into the cloud and deploying Pentest as a Service. Furthermore, DevOps demands that appsec measures are delivered in a fashion that favors communication, transparency, and collaboration- PtaaS is exactly the evolution that addresses those aspects.

(more available)
Added: May 11, 2020
image from Top 10 Penetration Findings 2019

Top 10 Penetration Findings 2019

Lares encounters a seemingly endless number of vulnerabilities and attack vectors when we conducta penetration test or red team engagement, regardless of organization size or maturity. Though notevery engagement is identical, we have analyzed the similarities between hundreds of engagementsthroughout 2019 and the following list represents the most frequently observed penetration test findings we encountered.

(more available)
Added: May 8, 2020
image from Cyber Insurance Purchasing Grows Again in 2019

Cyber Insurance Purchasing Grows Again in 2019

The number of companies purchasing cyber insurance continued to increase in 2019, driven by growing recognition of cyber threats as a critical business risk and appreciation for cyber insurance’s role in mitigating its economic impact.

(more available)
Added: March 29, 2020
image from 2019 Year in Review: Lessons Learned from the Front Lines of ICS Cybersecurity

2019 Year in Review: Lessons Learned from the Front Lines of ICS Cybersecurity

This report - compiled from the engagements performed throughout 2019 in customer environments by our threat hunting, penetration testing, incident response, tabletop exercise, and assessments teams

(more available)
Added: March 1, 2020
image from Exploring Coordinated Disclosure: Shedding Light on Perceptions and Experience in How Software Vulnerabilities are Reported

Exploring Coordinated Disclosure: Shedding Light on Perceptions and Experience in How Software Vulnerabilities are Reported

Veracode commissioned this survey from 451 Research to understand how widely accepted andpracticed coordinated disclosure – whereby a security researcher identifies a flaw and notifiesthe company, then the two work together to fix and publicly disclose the flaw – really is andwhere the pain points reside. In addition, we wanted to explore the means organizations haveestablished to receive vulnerability reports, and the attitudes toward a coordinated disclosurepolicy on both sides of the organization and among external security researchers. We also soughta deeper understanding of the motivations of security researchers, actions when a vulnerabilityis identified, timing for disclosure, desired outcomes, how organizations structure disclosurepolicies, and the effectiveness of bug bounties.

(more available)
Added: February 12, 2020
image from 2nd Annual Penetration Risk Report 2019

2nd Annual Penetration Risk Report 2019

This report covers penetration prevention in the last year. It covers changes in penetration prevention such as the levels of risk incurred by applications, the way the shift to the cloud affects risk, and how the size of the business affects risk.

(more available)
Added: February 12, 2020
image from How Lucrative are Vulnerabilities? A Closer Look at the Economics of the Exploit Supply Chain

How Lucrative are Vulnerabilities? A Closer Look at the Economics of the Exploit Supply Chain

this report t explores the vulnerability-to-exploit (V2E) cybercrime and cybersecurity supply chain, outlines the players in the different market segments and provides insights into the related economic drivers.

(more available)
Added: November 26, 2019
image from Common and Best Practices for Security Operations Centers: Results of the 2019 Survey

Common and Best Practices for Security Operations Centers: Results of the 2019 Survey

A survey of over 300 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

(more available)
Added: November 25, 2019
image from Road to Security Operations Maturity

Road to Security Operations Maturity

A survey of over 250 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

(more available)
Added: November 25, 2019
image from Strategies for Building and Growing Strong Cybersecurity Teams

Strategies for Building and Growing Strong Cybersecurity Teams

This report explores the results of the 2019 (ISC)² Cybersecurity Workforce Study, providing details on the cybersecurity workforce and gap estimates, taking a closer look at cybersecurity professionals and their teams, reviewing key steps on the cybersecurity career path, and discussing insights into immediate and longer-term methods for building qualified and resilient cybersecurity teams now and in the future.

(more available)
Added: November 25, 2019
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
© Cyentia Institute 2025
Library updated: June 21, 2025 12:08 UTC (build b1d7be4)