Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Vulnerability

Below you will find reports with the tag of “Vulnerability”

image from 2023 Third Party Data Breach Report

2023 Third Party Data Breach Report

This report, the result of a collective effort of Black Kite Researchers, focuses on what has changed in 2022, for better or for worse, compared to 2021. It highlights some of the lessons of past years and those still being learned within the changing cyber landscape. For this study, Black Kite Research analyzed 63 individual third party incidents, which ultimately resulted in more than 298 publicly-disclosed headline breaches and data leaks during the past year. These events inevitably caused thousands of other ripple-effect breaches throughout 2022. The report finalizes the lessons learned and relevant recommendations for the future.

(more available)
Added: April 25, 2023
image from The Fast and the Frivolous

The Fast and the Frivolous

The Fast and the Frivolous uses a massive dataset from SecurityScorecard that spans 1.6 million organizations. We analyze billions of internet-exposed assets to measure the speed of vulnerability remediation over a three-year period. In this report, you’ll find some of the lessons we learned.

(more available)
Added: April 25, 2023
image from 2022 Cyber Claims Report

2022 Cyber Claims Report

The following report provides a detailed look into the incidents that led to claims from our policyholders over the second half of 2021. In addition to the data, we share a thoughtful analysis of the current trends and predictions for 2022.

(more available)
Added: April 19, 2023
image from Cybersecurity Maturity Report 2023

Cybersecurity Maturity Report 2023

In this report, we highlight which industries and countries have the most robust cyber postures and which are lagging, as well as the most prevalent vulnerabilities. We also examine the scores across different industries, countries, and company sizes and provide recommendations and best practices on how to achieve a better cyber posture. This report is based on data gathered over two years of cyber assessments, spanning 15 countries and nearly a dozen industries. Each assessment includes an evaluation of the organization across seven different security domains, with a total of 312 data points.

(more available)
Added: April 19, 2023
image from The State of Pentesting 2023

The State of Pentesting 2023

Cobalt’s 5th edition of The State of Pentesting explores this question, tapping into data from 3,100 pentests and over 1,000 responses from security practitioners in the United States, the United Kingdom, and Germany. Disruption, transformation, volatility — Top 5 most prevalent security issues whichever keyword fits your style, it all points to one fact: change is the constant security teams have had to live by for years.

(more available)
Added: April 14, 2023
image from Do You Know KEV? You Should (Because Hackers Do)!

Do You Know KEV? You Should (Because Hackers Do)!

The purpose of our research is to raise awareness of the CISA KEV catalog and understand how many of these vulnerabilities are under active exploitation so that organizations can take action against their risk. In our research, we relied on the CISA KEV catalog, a notable source of information regarding vulnerabilities actively exploited in the wild. We analyzed the common vulnerabilities and exposures (CVEs) using GreyNoise and other resources and found the attack surface in the past and present.

(more available)
Added: April 14, 2023
image from 2023 Vulnerability Statistics Report 8th Edition

2023 Vulnerability Statistics Report 8th Edition

This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2022. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses.

(more available)
Added: April 12, 2023
image from Active Cyber Risk Modeling

Active Cyber Risk Modeling

This report explores the critical distinctions between natural and cyber catastrophes, why cyber requires an entirely different approach, and how Active Insurance can mitigate cyber risk. We also provide an in-depth look at how we construct our model and explain why Coalition remains confident that cyber risk is insurable and that cyber insurance can play an essential role in the modern economy.

(more available)
Added: April 11, 2023
image from Using data to prioritize cybersecurity investments

Using data to prioritize cybersecurity investments

For the report, Marsh McLennan paired its extensive proprietary dataset of cyber claims with the results from Marsh Cybersecurity Self-Assessment (CSA) questionnaires, which are composed of hundreds of questions and responses from individual organizations. When combined, the two datasets allow for deep insights into which cybersecurity controls have the greatest effect on the likelihood of an organization experiencing a cyber event. Such innovative use of data and analytics can help companies identify which controls to prioritize. In turn, this can help position an insured favorably during cyber insurance underwriting.

(more available)
Added: April 11, 2023
image from Navigating The Paths Of Risk: The State of Exposure Management in 2023

Navigating The Paths Of Risk: The State of Exposure Management in 2023

Our second annual report presents key insights drawn from tens of thousands of attack path assessments conducted through XM Cyber’s exposure management platform during 2022. These assessments uncovered over 60 million exposures affecting 10 million entitles deemed critical to business operations. Anonymized datasets were exported from the XM Cyber platform and provided to Cyentia Institute for analysis.

(more available)
Added: April 10, 2023
image from 2022 Annual Cybersecurity Report

2022 Annual Cybersecurity Report

Our annual cybersecurity report sheds light on the major security concerns that surfaced and prevailed in 2022. We also discuss how cybercriminals, specifically ransomware actors, are taking their cue from legitimate organizations when it comes to diversifying their portfolios and rebranding their image, and the top vulnerabilities that malicious actors have abused last year.

(more available)
Added: April 3, 2023
image from 2023 MSP Threat Report

2023 MSP Threat Report

MSPs have unique cybersecurity challenges to secure their businesses and customers. The “2023 MSP Threat Report” addresses these challenges specifically, using threat intelligence, insights, and predictions from the ConnectWise Cyber Research Unit (CRU). The report covers the following: Major MSP-focus hacks in 2022, emerging and continuing cyberattack trends, top ransomware methods of threat actors, and action items for MSPs in 2023.

(more available)
Added: April 3, 2023
image from Reducing Cyber Risk

Reducing Cyber Risk

This white paper breaks down existing methods of preventative cyber security and deep dives into Darktrace PREVENT: a product family that combines many of the best aspects of existing methods in an end-to-end, AI-powered solution.

(more available)
Added: April 3, 2023
image from 2023 Qualys Trurisk Research Report

2023 Qualys Trurisk Research Report

In this Report, Qualys explores the most common ways adversaries exploit vulnerabilities and render attacks. With analysis performed by TRU throughout 2022, this report provides security teams with data-backed insights that help them gain victory without battle now and into the future.

(more available)
Added: March 29, 2023
image from 2022 State of Cybersecurity Effectiveness

2022 State of Cybersecurity Effectiveness

The reported results are based on the anonymized aggregated data of simulated attack scenarios and campaigns performed with the Cymulate Platform across a global user base. Cymulate uses a proprietary scoring method based on known industry standards including the MITRE ATT&CK Framework, NIST Special Publication 800-50, and other benchmarks. The weighted averages used in this report compensate for the divergence in the relative usage of specific vectors.

(more available)
Added: March 29, 2023
image from Cryptocurrency crime and anti-money laundering

Cryptocurrency crime and anti-money laundering

This report will focus on dark markets and cross-chain bridges. We continue looking at the trends, current events, hacks, thefts, exploits, and global regulatory developments. Our goal, as always, is to keep you informed and to highlight emerging and ongoing trends to give you the best possible information to keep your business running smoothly.

(more available)
Added: March 29, 2023
image from The State of Secrets Sprawl 2023

The State of Secrets Sprawl 2023

This report will serve as a valuable resource for developers, security professionals, and decisions-makers committed to ensuring the security and integrity of their applications and data. We have never detected as many secrets and secrets sprawl has been accelerating yearly since 2020. Hard-coded secrets increased by 67% compared to 2021, whereas the volume of scanned commits rose by 20% (860M to 1.027B commits between 2021 and 2022).

(more available)
Added: March 11, 2023
image from State of Cyber Threat Intelligence: 2023

State of Cyber Threat Intelligence: 2023

In our new State of Cyber Threat Intelligence, we examine the factors that contribute to these two themes: the converging nature of cyber threats as well as the perpetual cycles in which they exist. Plus, we explore the big-picture impact of cyber attacks on organizations across a variety of industries globally and provide guidance on how to fight back.

(more available)
Added: March 11, 2023
image from 2022 Cyber Threat Landscape Report

2022 Cyber Threat Landscape Report

This report represents Deep Instinct’s current view of the threat landscape, showcasing trends seen throughout the course of the past year and providing concrete, actionable data to verify the credibility of these developments. The information was sourced from our data repositories, which are routinely analysed as part of protecting our customers from ceaseless attacks.

(more available)
Added: March 7, 2023
image from 2022 Intermin Cyber Threat Report

2022 Intermin Cyber Threat Report

This report represents Deep Instinct’s current view of the threat landscape and trends seen between the period January - September 2022 and where possible provides concrete data to verify the credibility of these developments. The information was sourced from our repositories which are routinely analyzed as we protect our customers from incessant and ever evolving attacks on an ongoing basis.

(more available)
Added: March 7, 2023
image from Annual Threat Monitor 2022

Annual Threat Monitor 2022

2022 was another year that kept us on our toes. The threat landscape was heavily influenced by the conflict between Russia and Ukraine, during which we have seen the whole arsenal of offensive cyber capabilities, deployed by criminals, hacktivists, and nation state groups.We saw the overall number of ransomware incidents dip by around 5% compared to the previous year. But, this slight dip does not mean we collectively declare ‘job done’. As a result, we have witnessed several coordinated operations in 2022 that saw arrests of key members of prolific cyber-criminal operations, as well as the disbanding of long-established groups. Least of all Conti, which was 2021’s most active group.”

(more available)
Added: March 7, 2023
  • ««
  • «
  • 8
  • 9
  • 10
  • 11
  • 12
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 1, 2025 16:08 UTC (build b1d7be4)