This study leverages a vast dataset spanning over 77,000 cyber events experienced by 35,000 organizations over the last decade. This dataset is drawn from Advisen’s Cyber Loss Data, which contains over 138,000 cyber events collected from publicly verifiable sources.

In this report, data reveals that on average, in 2021, a typical company with 400 developers would discover 1,050 unique secrets leaked upon scanning its repositories and commits. With each secret detected in 13 different places on average, the amount of work required for remediation far exceeds current AppSec capabilities: with a security-to-developers ratio of 1:100.

The 2022 report included data from NetDiligence studies published in 2018-2021, representing 4,036 incidents that occurred in previous years. After the elimination of claims that were less than $1,000, the combined dataset included 6,411 incidents each one a cyber incident insurance claim.

This report, Keeper’s second annual U.S. Cybersecurity Census, maps the transforming landscape of cybersecurity based on these expert insights. It provides leaders with a forensic assessment of the threats their businesses face, and details the urgent strategies necessary to overcome them.

The 2022 Cyber Security Report uncovers the key cybersecurity trends from 2021, including a supply chain attack ‘frenzy’ and increased disruption to everyday life. Education and Research were revealed as the most targeted sector. The report gives a detailed overview of the cyber threat landscape and recommendations on how to prevent the next cyber pandemic.

As companies embrace cloud native technologies as part of their digital transformation, security is seen as a key factor to building successful platforms. While only 36% of respondents stated that security was one of the main reasons for moving their production applications into containers, 99% of respondents recognize that security as an important element in their cloud native strategy.

Cyber adversaries and threats are becoming increasingly sophisticated and more frequent. The survey of 297 IT security professionals found that although 82 percent of respondents said they know about the MITRE ATT&CK framework, only 8 percent reported that they are using the ATT&CK framework regularly.

This report includes incidents that occurred during 2015-2019. A total of 3,547 claims were analyzed, and data was distilled into over 100 categories. To compare, the fifth Cyber Claims Study, published in 2015, analyzed 207 cyber insurance claims. While many of the categories over the last five years have remained the same, the data has changed, sometimes dramatically.

This study, based on over 2,000 cyber claims, provides a comprehensive view of recent cyber claim events. The 2019 report also included data from NetDiligence studies published in 2015-2018, representing 1,008 events that occurred in 2014 to 2017. After the elimination claims that were less than $1,000, the combined dataset included 2,081 events, each one a data breach insurance claim.

For our survey, we targeted successful women working in varied roles in the cybersecurity community, and we queried them about everything from breaking into the field and gaining career momentum to choosing a specialty and finding ways to remain relevant. In this report, we provide lessons learned and advice on how a women in cybersecurity or a woman wanting to enter this field can lay a foundation to ensure success.

In May 2022, over 5,000 DevOps professionals shared details about their teams and practices. Despite a challenging business environment, strong momentum continued in automation, release cadences, and cutting-edge technology adoption. Secure software development is now an imperative for DevOps teams around the world. It’s the number one reason for - and benefits of - DevOps platform usage.

For this report, Snyk surveyed more than 400 cloud engineering and security professionals to better understand the cloud risks and challenges they face, and how they’re successfully improving their cloud security efforts.

The SANS CTI survey shows that many CTI programs can meet the challenge. While some programs are just getting started due to increased cybersecurity needs and a growing, complex threat environment brought on by the rapid shift to remote work, organizations can rely on CTI providers and information-sharing groups to fill in the gaps as their programs mature.

The State of API Security Report from Salt Labs is the industry’s only report on API security risks, challenges, and strategies. The Q3 2022 report incorporates survey results and empirical data from the Salt SaaS platform hosting our customers’ API metadata. The most eye-opening findings from the report comes from our customers. Over the past year, Salt customers experienced a 117% increase in API attack traffic while their overall API traffic grew 168%.

In this report, Bulletproof looks back on a fascinating year in the world of cyber security and compliance, with a keen eye on emerging patterns for what to expect in 2022 and beyond. Assessing data from our SIEM platform, honeypots, penetration testing and compliance services gives us a great insight into new cyber security threats and the state of cyber defenses across various industries.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats to help organizations protect their systems. During May and June, CTU researchers identified the following noteworthy issues and changes in the global threat landscape: government-sponsored threat groups use ransomeware to, don’t leave the door to your data unlocked, and business email compromise (BEC) is as big a problem as ransomeware.

The year’s Global Economic Crime and Fraud Survey enquired about organizations’ attitudes towards fraud and financial and economic crime in the current environment and drew responses from 1,296 respondents in 53 countries and regions. This survey, our first snapshot of 2022, homed in on fraud trends and conduct risk.

This report shares insights from the XM Cyber Research team’s analysis of the Attack Path Management platform from January 1st, 2021 - December 31st, 2021. The Impact report begins with a close look at the methodology of attack paths and then reveals the impact of attack techniques used to compromise critical assets across organizations, whether hybrid, on-prem or multi-cloud.

The 2022 Cloud Security Report is based on a comprehensive survey of 775 cybersecurity professionals conducted in January 2022, to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications, and best practices IT cybersecurity leaders are prioritizing in their move to the cloud. The respondents range from technical executives to IT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

In this report we take a closer look at how cyber warfare has intensified to become an essential part of the preparation for, and conduct of, actual military conflict. Furthermore, we uncover what the fallout of this will be for governments and enterprises all over the world, even those that are not directly involved in the conflict.

The report surfaces the most significant data we’re seeing in our threat detection and response effort, curates that data into trends that can impact your cybersecurity posture, and offers resilience recommendations to protect your organization.