An analysis on the indicators to be derived from detecting Internet of Things (IoT) in organization’s public internet facing profiles.

This report covers vulnerabilities disclosed this year. It aims to help the reader navigate the current vulnerability landscape. It provides valuable insight into vulnerability trends and how they are impacting organizations.

This sixth volume of the Prioritization to Prediction series combines vulnerability data from Kenna’s customers with additional intelligence from Fortinet and others. This volume provides a quantitative analysis of the timeline of key dates in the lifecycle of an exploited vulnerability, exploring the effects of releasing exploit code relative to the date of CVE publication and patch availability, discussing the ramifications to attackers and defenders.

Drawing from their managed SIEM, vulnerability scanning, and penetration testing practices, this report covers the key threat and compliance challenges over the 2019 calendar year.

Drawing from their managed SIEM, vulnerability scanning, and penetration testing services, this report reviews the key trends from the 2018 calendar year.

This report was compiled from interviews with 1,004 company leaders in order to find the effect of remote work on their companies.

An extension of the Prioritization to Prediction series, this report uses a sample of over 40 manufacturing sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 30 healthcare sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 100 finance sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 70 technology services to better understand the means and metrics of vulnerability management with the sector.

This study examines trends in application development security. It looks as the extent to which security teams understand modern development practices, what influences application security investments, and the dynamic between development teams and cybersecurity teams.

The objective of this report is to provide nuanced insight into the ICS risk and vulnerability landscape, the challenges it poses to operational technology (OT) security practitioners, and what conclusions can be drawn from publicly available data.

A review of 180 engagements performed by Rapid7 consulting, supplemented by a survey of questions given to all Rapid7 consulting customers. Addresses lessons learned from this events.

A survey-baed report of 1,848 IT and IT Security professionals on the challenges with vulnerability prioritization and the importance of patch management for the prevention of breaches. Touches on the challenges of CMDBs and container security.

The 2020 OSSRA includes insights and recommendations to help security, risk, legal, and development teams better understand the open source security and license risk landscape.

A survey of 400 public sector IT decision makers and influencers to determine challenges faced by public sector IT professionals, security threats, and cybersecurity capabilities.

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms.

The fifth edition of Edgescan’s vulnerability statistics report. Uses both scan data and survey data to report on vulnerability management, with a special focus on web application vulnerabilities.

This survey looked at the state of IT departments in 2020 and where their priorities fell. After surveying more than 1,300 IT professionals, it’s clear vendor management and contract negotiation is becoming a time-consuming endeavor. In fact, 50% of IT professionals work with 11 or more vendors and nearly half (48%) spend weeks or months renegotiating their vendor contracts each year.

P2P Volume 5 focuses on the differences between asset types (OS) and how vulnerabilities are treated on different platforms.

This is the 7th annual edition of the Microsoft Vulnerabilities Report, and includes a five-year trend comparison, giving you a better understanding of how vulnerabilities are growing and in which specific products.