Cyentia Cybersecurity Research Library

Vulnerability

Below you will find reports with the tag of “Vulnerability”

Permiso State of Identity Security Report 2024

The Permiso Security State of Identity Security Report (2024) offers a comprehensive analysis of cloud identity and access management practices across global organizations. This study, encompassing over 500 entities, unveils critical trends and challenges shaping the future of identity security. 93% of organizations can inventory identities across all environments, as well as track keys, tokens, certificates and any modifications that are made to any environment.

Added: November 9, 2024

2022 State of Access Report

1Password’s 2022 State of Access Report, an annual survey of North American workers’ sentiments and behaviors around cybersecurity and other critical aspects of modern work, reveals that the acute burnout detected in last year’s survey has paved the way for a widespread sense of distraction in a time of “permacrisis.” When security protocols and practices aren’t automated, even the most well-intentioned employees can unwittingly cause a breach.

Added: October 30, 2024

The Total Economic Impact Of 1Password Business

1Password Business is an encrypted password solution that provides users with secure access via autofill logins, autogenerated strong passwords, and vault features. For the purposes of this study, Forrester aggregated the interviewees’ experiences and combined the results into a single composite organization. Forrester took a multistep approach to evaluate the impact that 1Password can have on an organization.

Added: October 30, 2024

The Offsec Shift Report

The OffSec Shift Report reveals how organizations are adapting to bring both defensive and offensive strategies to the cybersecurity battle. The past year was hard on cybersecurity teams. The persistent economic downturn led to 39% of organizations deprioritizing their cybersecurity strategy.

Added: October 30, 2024

The State of Attacks on GenAI

The State of Attacks on GenAI delivers cutting-edge insights into real-world attacks on generative AI systems, based on telemetry data from over 2,000 LLM applications. Prompt leaking has emerged as the primary method for exposing sensitive information in successful attacks. This unintended disclosure can reveal proprietary business data, application logic, and PII, leading to significant privacy breaches and security vulnerabilities.

Added: October 24, 2024

Inside the Mind of a Hacker

This report seized the opportunity to do something different; it now focuses on highlighting what’s next for the hacking community. From neurodiversity in the hacking community to the rise of hacking influencer platforms, we’ve examined a broad spectrum of important topics. Now, most security professionals not only understand the difference between threat actors and hackers, but they actually have personal experience with ethical hacking.

Added: October 24, 2024

Ensia Threat Landscape 2024

Reporting over the course of 2023 and 2024, ETL highlights findings on the cybersecurity threat landscape during a yearlong geopolitical escalation. Throughout the latter part of 2023 and the initial half of 2024, there was a notable escalation in cybersecurity attacks, setting new benchmarks in both the variety and number of incidents, as well as their consequences.

Added: October 15, 2024

2023 Microsoft Vulnerabilities Report

This 10-year anniversary edition of the report dissects the 2022 Microsoft vulnerabilities data and highlights some of the key shifts since the inaugural report. This report will spotlight some of the most significant CVEs of 2022, break down how they are leveraged by attackers, and explain how they can be prevented or mitigated. The way Microsoft classifies the severity rating for a vulnerability is distinct from the likelihood of exploitation.

Added: October 15, 2024

2022 Microsoft Vulnerabilities Report

The report has delivered a holistic annual view of the vulnerabilities within Microsoft’s platforms and products, and has established an undeniable business case for the importance of removing admin rights to reduce risk. In this report, we will examine how these vulnerability trends, along with cloud security adoption, collectively influence how we should think about cybersecurity and risk management in 2022 and beyond.

Added: October 15, 2024

Microsoft Vulnerabilities Report 2021

In its 8th year, the Microsoft Vulnerabilities Report has proven to be a valuable asset for many organizations who wish to gain a holistic understanding of the evolving threat landscape. The report provides a 12-month, consolidated view and analysis of Microsoft Patch Tuesdays, as well as exclusive insights from some of the world’s top cybersecurity experts. This analysis not only reveals evolving vulnerability trends, but also identifies the Critical vulnerabilities that could be mitigated if admin rights were removed.

Added: October 15, 2024

2024 Microsoft Vulnerabilities Report

The Microsoft Vulnerabilities Report has garnered over 16,000 downloads and helped thousands of users leverage its detailed data analysis and expert findings to improve their cyber defenses. This year’s edition of the report not only dissects the 2023 Microsoft vulnerabilities data, but also assesses how these vulnerabilities are being leveraged in identity-based attacks. The report also spotlights some of the most significant CVEs of 2023, breaks down how they are leveraged by attackers, and explains how they can be mitigated.

Added: October 15, 2024

2024 State of Threat and Exposure Management Report

In this report we begin by examining the prevalence of those vulnerabilities across assets to determine which ones are most common. Then we measure how quickly those vulnerabilities are remediated and what factors speed up or slow down that process. We’ll begin our foray into the wilds of the vulnerability landscape by examining the product vendors that shape it. This is important because these technologies are commonly used, thus vulnerabilities affecting them can have a widespread impact on cyber risk posture.

Added: October 15, 2024

The 2024 Duo Trusted Access Report

In this report, we’ll delve into insights drawn from an analysis of over 16 billion authentications in the last year (and over 44B in the last 4 years), spanning nearly 52 million different browsers, on 58 million endpoints and 21 million unique phones across regions. Authenticator apps like Duo mobile appeal to both demand for higher security and ease-of-use. Last year, access to remote access applications fell to nearly 25% of authentications after peaking in 2020.

Added: September 30, 2024

The 2024 Tidelift State Of The Open Source Maintainer Report

This is the sixth year in a row Tidelift has conducted a survey about open source and the third time it focused exclusively on the maintainers who create and maintain the open source projects we all depend on. The most cited stat from that previous survey was that 60% of maintainers described themselves as unpaid hobbyists. We asked the same question again this year to see if things had changed.

Added: September 24, 2024

The True Cost of CVE Management in Containers

Common Vulnerabilities and Exposures (aka CVEs) in containers, at least according to the interviews conducted for this study, are a pain (in the vuln). Chainguard conducted ten interviews with software professionals at a range of companies that build or operate containers. The interview questions dealt with the processes and workflows that these professionals use to identify, triage, and remediate CVEs in containers. Many of the questions either involved a request for a time estimate of each step of the process or probed the “why” behind the process or workflow.

Added: September 24, 2024

2024 State of AI Security Report

This report focuses on the security of deployed AI models in cloud services and environments. Our research indicates that more than half of organizations have adopted AI models for custom applications. More than half of organizations are deploying their own AI models. Default AI settings are often accepted without regard for security.

Added: September 20, 2024

The State of Non-Human Identity Security

Non-human identities (NHIs) such as bots, API keys, service accounts, OAuth tokens, and secrets are indispensable for automating tasks, enhancing efficiency, and driving innovation within organizations. The survey provides insights into their opinions about their current NHI security, the obstacles they’re facing, and the strategies and tools they’re using. The aim is to shed light on the current state of NHI security and identify areas for improvement.

Added: September 16, 2024

The State of Pentesting Report 2024

In the ever-evolving landscape of cybersecurity, the significance of security testing cannot be overstated. As we delve into the 2023 trends, it’s clear that penetration testing remains the cornerstone of a robust security strategy. We’ve observed a substantial 31% increase in manual pentest engagements, highlighting a growing reliance on this building block of security.

Added: August 23, 2024

2024 State of Software Supply Chain Security

To understand the current state of software supply chain security (SSCS) we surveyed 900 AppSec professionals in US, Europe and APAC based organizations across a wide range of industries. The findings show an increased sense of awareness with more than half of respondents acknowledging that SSCS is a top or significant area of focus. However, only 7% have already purchased and implemented an SSCS-specific product.

Added: August 21, 2024

2024 Cyber Security Report

This report looks back at the major cyber security events of 2023, offering insights and analysis to help understand and prepare for the challenges ahead. Our goal is to provide valuable information to organizations, policy makers, and cyber security professionals, helping them to build stronger defenses in an increasingly digital world. Check Point Research reports that threat actors in hacking forums have started making use of AI tools like ChatGPT, in order to create malware and attack tools such as info-stealers and encryptors.

Added: August 21, 2024

The Blue Report 2024

This year’s report introduces results from the Attack Path Validation (APV) and Detection Rule Validation (DRV) products on the Picus platform, offering deeper observations into organizational preparedness against automated penetration tests and the effectiveness of detection rules in SIEM systems. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

Added: August 20, 2024
© Cyentia Institute 2025
Library updated: July 1, 2025 00:08 UTC (build b1d7be4)