Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Vuln Management

Below you will find reports with the tag of “Vuln Management”

image from Navigating The Internet Risk Surface

Navigating The Internet Risk Surface

In this risk surface series, RiskRecon, a Mastercard Company, and Cyentia have worked to help third-party risk managers understand how to measure and manage risk. We’ve seen variation across industries and other slices. But not all firms are interchangeable. A payroll processor cannot be replaced with a janitorial supply company, at least not with good business outcomes! In this report, we look at what distinguishes top-performing firms from those that struggle the most. Armed with this knowledge, Third-Party Risk Management (TPRM) professionals can take into account the totality of their risk surface, and how it impacts the overall security performance of an organization

(more available)
Added: April 25, 2023
image from Do You Know KEV? You Should (Because Hackers Do)!

Do You Know KEV? You Should (Because Hackers Do)!

The purpose of our research is to raise awareness of the CISA KEV catalog and understand how many of these vulnerabilities are under active exploitation so that organizations can take action against their risk. In our research, we relied on the CISA KEV catalog, a notable source of information regarding vulnerabilities actively exploited in the wild. We analyzed the common vulnerabilities and exposures (CVEs) using GreyNoise and other resources and found the attack surface in the past and present.

(more available)
Added: April 14, 2023
image from April 2023 Threat Horizons Report

April 2023 Threat Horizons Report

The Google Cloud Threat Horizons Report brings decision-makers strategic intelligence on threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from throughout Google’s intelligence and security teams.

(more available)
Added: April 14, 2023
image from 2023 Vulnerability Statistics Report 8th Edition

2023 Vulnerability Statistics Report 8th Edition

This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2022. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses.

(more available)
Added: April 12, 2023
image from Navigating The Paths Of Risk: The State of Exposure Management in 2023

Navigating The Paths Of Risk: The State of Exposure Management in 2023

Our second annual report presents key insights drawn from tens of thousands of attack path assessments conducted through XM Cyber’s exposure management platform during 2022. These assessments uncovered over 60 million exposures affecting 10 million entitles deemed critical to business operations. Anonymized datasets were exported from the XM Cyber platform and provided to Cyentia Institute for analysis.

(more available)
Added: April 10, 2023
image from 2023 Qualys Trurisk Research Report

2023 Qualys Trurisk Research Report

In this Report, Qualys explores the most common ways adversaries exploit vulnerabilities and render attacks. With analysis performed by TRU throughout 2022, this report provides security teams with data-backed insights that help them gain victory without battle now and into the future.

(more available)
Added: March 29, 2023
image from Ransomware Spotlight Report 2023

Ransomware Spotlight Report 2023

In this report, we have examined the existing gaps in MITRE repositories and how they inhibit security teams from understanding their true threat context. We also introduce Securin’s Vulnerability Risk Score (VRS), an vulnerability ranking system that can help organizations prioritize vulnerabilities based on their risk factors, threat associations, exploitability, and criticality.

(more available)
Added: March 7, 2023
image from Tenable's 2020 Threat Landscape Retrospective

Tenable's 2020 Threat Landscape Retrospective

Tenable Research takes that approach to equip our customers and the industry at large with the tools, awareness and intelligence to effectively reduce risk. To further those goals, SRT has complied this 2020 Threat Landscape Retrospective, which offers both a macro look at the trends that shaped the year as well as the detailed compendium of key vulnerabilities. The insights and data provided in these pages are designed to help cyber defenders learn from the past in order to build cybersecurity strategies that protect critical infrastructures, supply chains and data while respecting privacy.

(more available)
Added: March 7, 2023
image from 2022 Vulnerability Intelligence Report

2022 Vulnerability Intelligence Report

Rapid7’s Vulnerability Intelligence Report examines notable vulnerabilities and high-impact attacks from 2022 in order to highlight exploitation trends, explore attackers use cases, and offer a framework for understanding new security threats as they arise. Our aim is the contextualize the vulnerabilities that introduce serious risk to a wide range of organizations. The report examines 50 vulnerabilities that pose considerable risk to organizations of all sizes. In total, this report includes 45 vulnerabilities that were exploited in the wild 2022, of which 44% arose from zero-day exploits.

(more available)
Added: March 3, 2023
image from State of Enterprise Cybersecurity: Invest Now, or Pya Big Later

State of Enterprise Cybersecurity: Invest Now, or Pya Big Later

In this report, we analyze data from Dark Reading’s survey that shows how security teams are struggling to keep up with the transformational changes to their business model and infrastructure. Many are partnering with security service providers, but they often struggle to get the most value from these partnerships. We show how organizations can optimize - and get the most out of - the relationships with their security solution provider partners.

(more available)
Added: March 1, 2023
image from Open Source Security and Risk Analysis Report 2023

Open Source Security and Risk Analysis Report 2023

In its 8th edition this year, the 2023 “Open Source Security and Risk Analysis” (OSSRA) report delivers our annual in-depth look at the current state of open source security, compliance, licensing, and code quality risks in commercial software. We share these findings with the goal of helping security, legal, risk, and development team better understand the open source security and license risk landscape.

(more available)
Added: February 27, 2023
image from Cyber Threat Index 2023

Cyber Threat Index 2023

This report includes insights on internet security, cyber risk, and security trends that organizations have face over the last year and what they need to prepare for in 2023. We’re sharing the critical information and our insights to help decision-makers in the information security community and insurtech sectors better understand the cyber risk landscape. Coalition’s data set includes internet scans of 5.2 billion IP addresses-an impressive number that comprises the entire IPv4 address space and relevant IPv6 addresses.

(more available)
Added: February 3, 2023
image from 2020 State of Vulnerability Management Report

2020 State of Vulnerability Management Report

The objective of this report is to reflect on the different vulnerability management phases and their current maturity and trends through a cumulative dashboard view of the United VRM SaaS solution, anonymously accumulating vulnerability and asset data from January 2019 to present date. These cumulative views will reveal trends and considerations about vulnerability management practices and overall program maturity.

(more available)
Added: January 17, 2023
image from The State of Vulnerability Management 2022

The State of Vulnerability Management 2022

For this survey, we surveyed 426 security professionals directly responsible for managing cyber vulnerabilities in their day-to-day work. The survey was conducted online via Pollfish using organic sampling. What we found is that some organizations have effective ways to detect, respond to, and remediate their vulnerabilities, while other organizations have more blind spots than they think.

(more available)
Added: January 17, 2023
image from Intelligence-Powered Security Operations

Intelligence-Powered Security Operations

In Intelligence-Powered Security Operations, risk and threat intelligence is combined with human expertise and machine power to deliver better outcomes to the business as a while. Ultimately, intelligence-powered security operations programs will deliver smarter security and better results.

(more available)
Added: December 22, 2022
image from The State of Dependency Management

The State of Dependency Management

In their inaugural report, the Station 9 research team explores the complexities of open source dependencies and the top security considerations for open source adoption at the enterprise.

(more available)
Added: December 20, 2022
image from 2021 Application Security Report

2021 Application Security Report

This report reveals that the expanded use of applications for business-critical applications, combined with the increased pace of application changes that come with DevOps methodologies, has created security challenges for organizations.

(more available)
Added: October 18, 2022
image from Ransomware Report 2022

Ransomware Report 2022

This 2022 Ransomware Report reveals the latest security trends, challenges, and investment priorities for ransomware protection, as reported by over 236 cybersecurity professionals surveyed in 2022. Ransomware attacks are on the rise and continue to wreak havoc as one of the most destructive malware threats that affect organizations of all sizes.

(more available)
Added: October 17, 2022
image from 2022 Endpoint Security Report

2022 Endpoint Security Report

The 2022 Endpoint Security Report reveals the latest endpoint security trends and challenges, why and how organizations invest in endpoint security, and the security capabilities companies are prioritizing.

(more available)
Added: October 14, 2022
image from 2022 Application Security Report

2022 Application Security Report

This report is based on the results of a comprehensive online global survey of 386 cybersecurity professionals, conducted in July 2022, to gain deep insight into the latest trends, key challenges, and solutions for application security. The respondents range from technical executives to managers and IT security practitioners, representing a balancing cross-section of organizations of varying sizes across multiple industries.

(more available)
Added: October 12, 2022
image from 2022 Vulnerability Management Report

2022 Vulnerability Management Report

The 2022 Vulnerability Management Report is based on a comprehensive survey of over 390 cybersecurity professionals in September 2022 to gain insights into the latest trends, key challenges and solutions preferences for vulnerability management.

(more available)
Added: October 12, 2022
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 2, 2025 04:08 UTC (build b1d7be4)