This report dives into major security challenges, while also providing guidance for how enterprises can close the gap between what attackers see and what defenders think they’re protecting. They surveyed 398 IT and security decision-makers in the U.S. and Canada, and discovered that enterprises are struggling to keep up with a rapidly changing threat landscape due to process challenges that are overwhelming security staff.

For the fourth year in a row, we asked DevOps teams to tell the truth about their practices and processes, their challenges and their careers. With a global pandemic swirling, we were surprised when nearly 4,300 people took time to do just that this past February. In 2021, teams are poised to step out of the DevOps “culture” battle and into the real work of technology implementation and (surprisingly) upbeat results.

In this report, Bulletproof looks back on a fascinating year in the world of cyber security and compliance, with a keen eye on emerging patterns for what to expect in 2022 and beyond. Assessing data from our SIEM platform, honeypots, penetration testing and compliance services gives us a great insight into new cyber security threats and the state of cyber defenses across various industries.

The State of XIoT Security report is Claroty’s contextual analysis of cyber-physical security. The data presented in this edition of the report covers the first six months of 2022, and sheds light on the key trends and recommended actions you can apply within your enterprise.

BlueVoyant performed a cyber posture analysis of the vendors in the media industry sector. The approach was to identify and analyze the most prevalent vendors in the industry, as well as look at the extended vendor ecosystem for comparison, to gain a deep understanding of the issues the industry is facing. A total of 485 vendors were assessed.

In this white-paper, we address both high-level concepts: With respect to ransomware, what are the current adversary trends, and then what can organizations do to defend themselves (or better defend themselves)? The basic concept of ransomeware remains the same: Encrypt data and demand money for decryption.

In this report, you will find details about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries.

In this report, you will find further detail about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries.

The information included in this report is summary data from the pentesting performed in 2018. Additionally, we provide survey data from respondents in security, management, operations, DevOps, product, and developer roles.

The State of Pentesting 2022 Report focuses on issues and stats that are relevant to both security and development teams: to separate these two inextricably linked groups would only yield a partial picture of the security landscape.

The Secureworks Counter Threat (CTU) research team analyzes security threats and helps organizations protect their systems. During July and August 2021, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends and identified lessons to consider.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During March and April 2021, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During November and December 2020, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During November and December 2021, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.

This report is the Claroty Biannual ICS Risk & Vulnerability Report: 1H 2021. This report is a resource for OT security managers and operations, delivering not only data about vulnerabilities that are prevalent in industrial devices, but also the necessary context around them to assess risk within their respective environments.

This is the Claroty Biannual ICS Risk & Vulnerability Report: 2H 2021. This report brings important context to the unique discipline of ICS vulnerability research and managing that risk.

We do two very important and timely things in this report. We first explore ways to measure exploitability for individual vulnerabilities—and far more importantly—entire organizations. Second, we create a simulation that seeks to minimize organizational exploitability under varying scenarios combining vulnerability prioritization strategies and remediation capacity. Bottom line: If you’re looking for proven ways to squeeze the most risk reduction from your vulnerability management (VM) efforts, this report is for you.

A survey of 250 UK cybersecurity professionals on their perspectives of the state, benefits, and challenges in security process automation.

This annual report covers data from 1,602 penetration tests conducted in 2020 as well as survey information from 601 firms in the pursuit of understanding secure development, vulnerability remediation, and opportunities for process improvements.

Get best practices on managing your open source libraries in our State of Software Security v11: Open Source Edition report. Based on 13 million scans of more than 86,000 repositories, SOSS v11: Open Source Edition gives you a unique perspective on the open source libraries in codebases today, how organizations are managing the security of these libraries, and best practices on using open source code securely.

Do exploit code releases help or harm defenders? We decided to put this hotly contested debate to the test. The seventh volume of the Prioritization to Prediction series produced in conjunction with the Cyentia Institute attacks this debate from all angles. Poring over Kenna Security’s own threat and vulnerability intelligence, anonymized platform data, and Fortinet exploitation data, we analyzed over 6 billion vulnerabilities affecting 13 million active assets across nearly 500 organizations.