Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Vuln Management

Below you will find reports with the tag of “Vuln Management”

image from 2019 Year in Review: ICS Vulnerabilities

2019 Year in Review: ICS Vulnerabilities

The findings in this report are a comprehensive look at ICS vulnerability statistics, including how they affect industrial control networks and whether appropriate mitigation is provided alongside the published advisories. Dragos identifies errors in the vulnerability scores associated with public reports, a critical part of our vulnerability assessments. By identifying and updating errors in vulnerability scores, Dragos vulnerability assessments help asset owners and operators better prioritize and manage patching and update procedures.

(more available)
Added: March 1, 2020
image from The State of IT Operations and Cybersecurity Operations

The State of IT Operations and Cybersecurity Operations

The 2019 Dark Reading State of IT Operations and Security Operations survey uncovered some important developments in the way enterprises are managing security in the data center – and in the boardroom. Here are some key takeaways: • 57% of respondents said IT and security staff communicate well, up from 47% last year. • 20% of organizations involve the security team at the start of every major IT project. • 69% of respondents say that the security team holds primary responsibility for compliance and privacy; this figure rose significantly – more than 12% – from our 2018 survey. • 90% of organizations expect the security team to take charge of developing and setting security policy. • 80% said the IT operations team is primarily responsible for patch management. • 20% of organizations have a distinct security department that operates separately from the IT team. • 18% of organizations have a fully-staffed security function. • 37% said the security operations team is most likely to be the first to detect and alert others about security incidents in the organization.

(more available)
Added: February 18, 2020
image from Securing industrial Control Systems- 2017

Securing industrial Control Systems- 2017

We annually gather and analyze raw data from hundreds of IT and industrial control systems (ICS) security practitioners across a variety of industries, people whose work places them in positions of responsibility to identify risks and safeguard control systems and networks from malicious and accidental actions. It is our mission to turn these inputs into actionable intelligence that can be used to support new developments and address ongoing trends in the field, to inform the crucial business decisions that determine allocation of resources, prioritization of protective measures on critical assets and systems, and planning of new initiatives.

(more available)
Added: February 18, 2020
image from Costs and Consequences of Gaps in Vulnerability Response

Costs and Consequences of Gaps in Vulnerability Response

Ponemon Institute is pleased to present the findings of the second study on vulnerabilityand patch management. As shown inthis research, the severity and volume ofcyberattacks is increasing. However, mostorganizations are not comparably enhancingtheir abilities to prevent hackers fromexploiting attack vectors. In fact, it’s takinglonger to detect and longer to patch criticalvulnerabilities than last year. The cost andconsequences of this failure are myriad.

(more available)
Added: February 17, 2020
image from 2019 Cyberthreat Defense Report

2019 Cyberthreat Defense Report

A survey-based report with findings in four major areas: current security posture, perceptions and concerns, current and future investments, and practices and strategies.

(more available)
Added: February 12, 2020
image from The State of Open Source Security Report

The State of Open Source Security Report

This report outlines the state of open source security, including open source adoption, known vulnerabilities, and vulnerability identification.

Added: February 7, 2020
image from 2019 Healthcare Report

2019 Healthcare Report

This report goes in-depth into trends in healthcare data security, surveying 26,000 companies and analyzing terabytes of information.

Added: February 7, 2020
image from Vulnerability QuickView Report Q3 2019

Vulnerability QuickView Report Q3 2019

Risk Based Security has been sharing our Vulnerability QuickView reports with the world, providing detailed analysis on the vulnerability landscape based on data from our vulnerability intelligence product, VulnDB . Continuing from our previous 2019 Mid-Year report, this edition of the QuickView delves into the months of August through October. The information collected is displayed in a series of charts depicting various groupings, classifications, insights, and comparisons of the data

(more available)
Added: November 25, 2019
image from Road to Security Operations Maturity

Road to Security Operations Maturity

A survey of over 250 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

(more available)
Added: November 25, 2019
image from Prioritization To Prediction Volume 4: Measuring What Matters in Remediation

Prioritization To Prediction Volume 4: Measuring What Matters in Remediation

This research was commissioned by Kenna Security. Kenna collected and provided the remediation dataset to the Cyentia Institute for independent analysis and drafting of this report.

(more available)
Added: September 18, 2019
image from 1H 2019 Vulnerability and Exploit Trends

1H 2019 Vulnerability and Exploit Trends

This is a summary of vulnerability trends observed and investigated by the eSentire Security Operations Center (SOC) in 1H 2019.

(more available)
Added: September 18, 2019
image from 2019 Security Technology Spend Insights Report

2019 Security Technology Spend Insights Report

This paper discusses the top five Cybersecurity Technology Buying Trends.

Added: September 18, 2019
image from Predictive Prioritization: Data Science Lets You Focus On the 3% Of Vulnerabilities Likely To Be Exploited

Predictive Prioritization: Data Science Lets You Focus On the 3% Of Vulnerabilities Likely To Be Exploited

This technical whitepaper explains the challenges cybersecurity professionals face, how they’re prioritizing vulnerabilities today and how they can dramatically improve cyber risk management with Predictive Prioritization – the process of re-prioritizing vulnerabilities based on the probability that they will be leveraged in an attack.

(more available)
Added: July 10, 2019
image from 2019 State of the Software Supply Chain

2019 State of the Software Supply Chain

Now in its fifth year, Sonatype’s annual State of the Software Supply Chain Report examines the rapidly expanding supply and continued exponential growth in consumption of open source components. Their research also reveals best practices exhibited by exemplary open source software projects and exemplary commercial application development teams.

(more available)
Added: July 10, 2019
image from 2019 Endpoint Security Trends Report

2019 Endpoint Security Trends Report

This report outlines the findings from extensive primary research analyzing more than six million enterprise devices over a one year period. Our analysis led to a stunning discovery: much of endpoint security spend is voided because tools and agents fail, reliably and predictably. The clear conclusion is that increasing security spending does not increase safety. In fact, every additional security tool only increases the probability of failure and decay. The data in this report provides evidence that merely investing in more endpoint security tools is ineffective, and a new approach is needed. To secure the endpoint, the security tools already in place must be made resilient.

(more available)
Added: July 10, 2019
image from RiskSense Vulnerability Weaponization Insights

RiskSense Vulnerability Weaponization Insights

This Spotlight report provides in-depth analysis of vulnerabilities and weaponization patterns across the entire family of Adobe products. By focusing on weaponization, we go beyond simply counting vulnerabilities, and instead reveal how popular software from a leading vendor becomes a beacon for attackers. A significant number of these vulnerabilities are exploitable and have remote code execution capabilities, changing their status from a potential threat to an active and live cyber risk exposure point. While our findings naturally focus on the most recent data, the report includes more than 20 years of data from 1996 through 2018, allowing us to see long-term trends.

(more available)
Added: May 3, 2019
image from 2019 Vulnerability Statistics Report

2019 Vulnerability Statistics Report

From the report, “For our 4th Year running, welcome to the edgescan Vulnerability Stats Report. This report aims to demonstrate the state of full stack security based on edgescan data for 2018. The edgescan report has become a reliable source for truly representing the global state of cyber security. This year we took a deeper look at vulnerability metrics from a known vulnerability (CVE) and visibility standpoint. We still see high rates of known/patchable vulnerabilities which have working exploits in the wild, which possibly demonstrates it is hard to patch production systems effectively on a consistent basis.”

(more available)
Added: May 3, 2019
image from The Threat Intelligence Handbook

The Threat Intelligence Handbook

This e-book provides a practical guide for security teams to “unlock” the power of intelligence.

Added: April 23, 2019
image from Cyber Security: For Defenders, It's About Time

Cyber Security: For Defenders, It's About Time

In multiple areas of cyber security, time is currently working in favor of the attackers — and time is the strategic advantage that the defenders need to regain. In a recent report, Aberdeen Group leveraged Verizon Data Breach Investigations Report data to uncover the distribution of attacker “dwell times,” i.e., the total time in days from attacker compromise to defender detection.

(more available)
Added: April 19, 2019
image from 2018 Application Security Report

2018 Application Security Report

This report is the result of a comprehensive survey of 437 cybersecurity professionals designed to reveal the latest application security trends, how organizations are protecting applications, and what tools and best practices IT cybersecurity teams are prioritizing to find, fix and prevent vulnerabilities in next-gen applications.

(more available)
Added: April 4, 2019
image from HUAWEI CYBER SECURITY EVALUATION CENTRE (HCSEC) OVERSIGHT BOARD ANNUAL REPORT 2019

HUAWEI CYBER SECURITY EVALUATION CENTRE (HCSEC) OVERSIGHT BOARD ANNUAL REPORT 2019

This is the fifth annual report from the Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board. HCSEC is a facility in Banbury, Oxfordshire, belonging to Huawei Technologies (UK) Co Ltd (Huawei UK), whose parent company, Huawei Technologies Co Ltd, is a Chinese headquartered company which is now one of the world’s largest telecommunications providers.

(more available)
Added: April 4, 2019
  • ««
  • «
  • 4
  • 5
  • 6
  • 7
  • 8
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 1, 2025 16:08 UTC (build b1d7be4)