In this report, we share our industry-leading lineup of which threat actors, families, campaigns, and favorite techniques were prevalent during the last quarter. But there’s more. We’ve also expanded our sources to glean data from ransomware leak sites, and security industry reports. And as Trellix resources grow, so do the categories of threat research including new content covering Network Security, Cloud Incidents, Endpoint Incidents, and Security Operations.

Constella’s 2022 Breach Report offers key insights into these cyber threats and the staggering impact of malign activities fueled by breach data circulating on the deep and dark web. The following key findings represent the most significant and relevant trends for individuals, businesses, brands, and public organizations. This report also includes an extended analysis examining the ongoing conflict in Ukraine.

This first-of-its-kind report offers insight into how organizations are navigating the global cyber security threat landscape. Findings are drawn from extensive interviews with 1,350 business and IT leaders who make security decisions for organizations with at least 1,000 employees. Respondents were based in 13 countries across three regions and in 18 sectors - including financial services, healthcare and government.

For this survey, we surveyed 426 security professionals directly responsible for managing cyber vulnerabilities in their day-to-day work. The survey was conducted online via Pollfish using organic sampling. What we found is that some organizations have effective ways to detect, respond to, and remediate their vulnerabilities, while other organizations have more blind spots than they think.

The Google Cloud Threat Horizons Report brings decision-makers strategic intelligence on threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from throughout Google’s intelligence and security teams.

In Intelligence-Powered Security Operations, risk and threat intelligence is combined with human expertise and machine power to deliver better outcomes to the business as a while. Ultimately, intelligence-powered security operations programs will deliver smarter security and better results.

The Deepwatch SecOps Pulse Survey research shows that security teams are more focused on improving response capabilities over detection improvements. This speaks to rising threats and an expanding attack surface that makes attacks nearly inevitable, forcing teams to prioritize limited resources.

In a year of new and evolving cyber risks, our community banded together to protect the global financial system and the people it serves. From the latest in phishing lures to nation-state threats, from new ransomware tactics to managing supply chain risk. we focused on arming our members with the intelligence and knowledge they need to keep our sector secure and resilient.

The 2021 SOAR Report is based on a comprehensive survey of cybersecurity professionals to uncover the latest trends, use cases, and benefits of SOAR solutions.

The 2021 Threat Hunting Report explores the challenges, technology preferences, and benefits of threat hunting to gain deeper insights into the maturity and evolution of the security practice. Threat hunting continues to evolve as an innovative cybersecurity tactic that focues on proactively detecting and isolating Advanced Persistent Threats (APTs) that might otherwise go undetected by tradition, reactive security technologies.

This report reveals that the expanded use of applications for business-critical applications, combined with the increased pace of application changes that come with DevOps methodologies, has created security challenges for organizations.

In this report, the findings show that in order to resolve the attack surface management challenges facing organizations, IT and security teams need to invest in solutions that automate and centralize monitoring of internet-facing assets and provide greater insights into vulnerabilities.

Cyber adversaries and threats are becoming increasingly sophisticated and more frequent. The survey of 297 IT security professionals found that although 82 percent of respondents said they know about the MITRE ATT&CK framework, only 8 percent reported that they are using the ATT&CK framework regularly.

The SANS CTI survey shows that many CTI programs can meet the challenge. While some programs are just getting started due to increased cybersecurity needs and a growing, complex threat environment brought on by the rapid shift to remote work, organizations can rely on CTI providers and information-sharing groups to fill in the gaps as their programs mature.

The new look at the workforce revealed that the percentage of women in cybersecurity is roughly 24%. While men continue to outnumber women in cybersecurity and pay disparity still exists, women in the field are buoyed by higher levels of education, and are finding their way to leadership positions in higher numbers.

In this report, we show how this combination of AI and automation can deliver substantially better performance, whether in the form of speed, insights, or flexibility. These performance improvements enable cybersecurity teams to shift their focus to what really matters: proactively protecting against, detecting, responding to, and recovering from threats while reducing costs and complexity.

Evolving security threats, exponential data growth, increased complexity, and a continuing cybersecurity shill shortage has given rise to a new category of security solutions called Extended Detection and Response (XDR). Red Piranha and Cybersecurity Insiders conducted a comprehensive survey to reveal the latest XDR trends and challenges in managing XDR, what XDR might replace, and how organizations select security technologies and providers.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During March and April 2021, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.

CISOs aren’t alone in recognizing the need for new threat detection and response strategies. In fact, security technology providers are championing a new technology initiative dubbed eXtended Detection and Response (XDR). XDR tools are intended to solve many threat detection and response issues by providing an integrated security architecture, advanced analytics, and simplified operations. Despite this innovation, however, users remain confused about XDR and where it could fit into their security programs. This report answers “what is XDR and which are the most important XDR requirements?”

Over 5,100 IT and security professionals across 27 countries were asked about their organizations’ approaches to updating and integrating security architecture, detecting and responding to threats, and staying resilient when disaster strikes. They shared a wide range of insights, struggles, strategies, and successes. Responses were analyzed in multiple ways and key findings were extracted.

A survey of 250 UK cybersecurity professionals on their perspectives of the state, benefits, and challenges in security process automation.