This sixth volume of the Prioritization to Prediction series combines vulnerability data from Kenna’s customers with additional intelligence from Fortinet and others. This volume provides a quantitative analysis of the timeline of key dates in the lifecycle of an exploited vulnerability, exploring the effects of releasing exploit code relative to the date of CVE publication and patch availability, discussing the ramifications to attackers and defenders.

This annual report looks at changes in internet of things security.

An annual survey on the challenges and response to those challenges of cybersecurity in the Industrial Control Systems (ICS) space.

The 2020 edition of this annual report uses results of software scan patterns and results across thousands of global customers. A focus for this edition is the effects of nature (the corporate environment of applications) vs. nurture (the behaviors developers take) and the relative effect each has on application security.

Drawing from their managed SIEM, vulnerability scanning, and penetration testing practices, this report covers the key threat and compliance challenges over the 2019 calendar year.

Drawing from their managed SIEM, vulnerability scanning, and penetration testing services, this report reviews the key trends from the 2018 calendar year.

This report takes a look at the most significant stories and trends in order to determine what has changed and what to expect for the second half of 2020 in the cybersecurity industry.

This report attempts to understand the theory and practice of web application security in organizations worldwide.

This report goes into the hacking industry in 2020. It talks about the impact of hackers on security, bug bounty trends, and more.

This report focuses on cybersecurity for small and medium sized businesses for 2020. It goes over how cyber attacks have changed, how remote work has an effect, and more.

A review of web application vulnerabilities as seen through Acuentix’s web scans between March 2019 and February 2020.

A survey of over 1,500 CIOs, CISO, and Chief Procurement Officers on their concerns and actions for supply chain management.

This report provides recommendations on how companies can manage the threat posed by shadow IoT devices.

An extension of the Prioritization to Prediction series, this report uses a sample of over 40 manufacturing sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 30 healthcare sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 100 finance sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 70 technology services to better understand the means and metrics of vulnerability management with the sector.

A report from aggregate telemetry on Contrast Security customers’ applications between June 2019 and May 2020. Covers application vulnerability prevalence, time to remediation, attacks, and composition, among other themes.

This quarterly threat report offers insight into the DDoS attacks that occurred in the 2nd quarter of 2019.

This research purports to help better understand the emerging risks and modern threat landscape both in qualitative and quantitative aspects, and to help cybersecurity companies better prioritize and address emerging cyber risks.

A survey of over 1,000 US and UK IT professionals on the challenges to having the necessary in-house expertise to achieve a strong cybersecurity posture.