Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Vulnerability

Below you will find reports with the tag of “Vulnerability”

image from The CISO Current Report

The CISO Current Report

This document institutes the third edition of the CISO Current report and contains data gathered from direct interviews surveying almost 40 cybersecurity executives at leading enterprises.

(more available)
Added: May 8, 2020
image from 2020 Trustwave Global Security Report

2020 Trustwave Global Security Report

The 2020 Trustwave Global Security Report is an annual review of the phenomena, trends and statistics affecting computer security and worldwide safety, as observed by Trustwave systems and security analysts throughout 2019. As we enter a new deacade, we take a fresh look at the changing face of the compromise, from the ways in which increasingly sophisticated threat actors adapted in recent years to improvements in threat detection and response and how people in white hats responded.

(more available)
Added: May 8, 2020
image from 2020 Global State of Least Privilege Cyber Security

2020 Global State of Least Privilege Cyber Security

Applying the principle of least privilege should be a foundational element of any organization’s cyber security strategy. However, a sustainable least privilege strategy isn’t something that can be set up overnight. It takes planning, collaboration, and the right tools to meet the needs of security, IT, desktop support, and users.

(more available)
Added: May 8, 2020
image from Top 10 Penetration Findings 2019

Top 10 Penetration Findings 2019

Lares encounters a seemingly endless number of vulnerabilities and attack vectors when we conducta penetration test or red team engagement, regardless of organization size or maturity. Though notevery engagement is identical, we have analyzed the similarities between hundreds of engagementsthroughout 2019 and the following list represents the most frequently observed penetration test findings we encountered.

(more available)
Added: May 8, 2020
image from Banking on Security

Banking on Security

In this report, we will address the aforementioned questions using data that Forescout Technologies has carefully gathered, tested and validated from all forms of device networks and the applications they support. This report presents data from a cross-sectional analysis of the Forescout Device Cloud, which is a repository of host and network information for more than 11 million devices (provided anonymously by Forescout customers). With Forescout Device Cloud, we analyze device fingerprints to identify device function, vendor/model, operating system and version to provide granular auto-classification for a wide range of devices. For this study, researchers limited Device Cloud analysis to 100 large financial services deployments with over 8,500 virtual local area networks (VLANs) and nearly 900,000 devices.

(more available)
Added: May 8, 2020
image from Cybersecurity in Building Automation Systems (BAS)

Cybersecurity in Building Automation Systems (BAS)

This report is based off the findings of a deep analysis of vulnerabilities in BAS. The results are grouped into four areas then published. The four areas are: Analysis of the security Landscape, Discovery and responsible disclosure of previously unknown vulnerabilities, Deployment of a proof of concept malware, and Discussion on how network monitoring tools can help protect.

(more available)
Added: May 8, 2020
image from State of the Internet: Security 2019

State of the Internet: Security 2019

Akamai’s annual overview of security traffic trends for 2019.

Added: May 3, 2020
image from Global Threat Intelligence Report

Global Threat Intelligence Report

An annual review of threat traffic and patterns across geographies as seen by NTT Security.

Added: April 29, 2020
image from Prioritization to Prediction: Volume 5

Prioritization to Prediction: Volume 5

P2P Volume 5 focuses on the differences between asset types (OS) and how vulnerabilities are treated on different platforms.

Added: April 21, 2020
image from Microsoft Vulnerabilities Report 2020

Microsoft Vulnerabilities Report 2020

This is the 7th annual edition of the Microsoft Vulnerabilities Report, and includes a five-year trend comparison, giving you a better understanding of how vulnerabilities are growing and in which specific products.

(more available)
Added: April 5, 2020
image from 2019 Website Threat Research Report

2019 Website Threat Research Report

Our 2019 Threat Research Report is a deep dive into our logs, experiences, and collected analysis. It summarizes and identifies the latest tactics, techniques, and procedures seen by the Malware Research team, Vulnerability Research team, Threat Intel Research team and Remediation Groups at Sucuri/GoDaddy.

(more available)
Added: March 29, 2020
image from Threat Landscape Report Q4 2019

Threat Landscape Report Q4 2019

This is the threat landscape report from Fortinet for the 4th quarter of 2019. It goes into changes in this quarter, including threat detection changes and attack changes.

(more available)
Added: March 15, 2020
image from 2019 Year in Review: Lessons Learned from the Front Lines of ICS Cybersecurity

2019 Year in Review: Lessons Learned from the Front Lines of ICS Cybersecurity

This report - compiled from the engagements performed throughout 2019 in customer environments by our threat hunting, penetration testing, incident response, tabletop exercise, and assessments teams

(more available)
Added: March 1, 2020
image from 2019 Year in Review: ICS Vulnerabilities

2019 Year in Review: ICS Vulnerabilities

The findings in this report are a comprehensive look at ICS vulnerability statistics, including how they affect industrial control networks and whether appropriate mitigation is provided alongside the published advisories. Dragos identifies errors in the vulnerability scores associated with public reports, a critical part of our vulnerability assessments. By identifying and updating errors in vulnerability scores, Dragos vulnerability assessments help asset owners and operators better prioritize and manage patching and update procedures.

(more available)
Added: March 1, 2020
image from Securing industrial Control Systems- 2017

Securing industrial Control Systems- 2017

We annually gather and analyze raw data from hundreds of IT and industrial control systems (ICS) security practitioners across a variety of industries, people whose work places them in positions of responsibility to identify risks and safeguard control systems and networks from malicious and accidental actions. It is our mission to turn these inputs into actionable intelligence that can be used to support new developments and address ongoing trends in the field, to inform the crucial business decisions that determine allocation of resources, prioritization of protective measures on critical assets and systems, and planning of new initiatives.

(more available)
Added: February 18, 2020
image from Analysis: Pricing of Goods and Services on the Deep & Dark Web

Analysis: Pricing of Goods and Services on the Deep & Dark Web

The survey results and relevant observations are as follows: The inner workings of this underground economy havecome to play an influential role in many of the cyberand physical risks facing organizations today. Toenhance the context within which these illicit goodsand services are obtained, abused, and ultimatelycontribute to such risks, Flashpoint analysts conducteda survey of the prices for various offerings listed forsale across the Deep & Dark Web. While analysts’findings should be interpreted as case studies andgeneral observations rather than precise statistics, thisreport can and should serve to inform the security andrisk strategies of organizations across all sectors.

(more available)
Added: February 18, 2020
image from 2019 Cyber Threatscape Report

2019 Cyber Threatscape Report

Accenture details trends in cyber threats in 2019. It narrows it down to five key features of the 2019 Trendscape: 1. New threats are occuring from technology evolution and disinformation. 2:Cybercriminals adapt, hustle, diversify, and are looking more like states. 3: hybrid motives pose new dangers of ransomware defense and response 4:Improved ecosystem hygiene is pushing threats to the supply chain

(more available)
Added: February 17, 2020
image from Costs and Consequences of Gaps in Vulnerability Response

Costs and Consequences of Gaps in Vulnerability Response

Ponemon Institute is pleased to present the findings of the second study on vulnerabilityand patch management. As shown inthis research, the severity and volume ofcyberattacks is increasing. However, mostorganizations are not comparably enhancingtheir abilities to prevent hackers fromexploiting attack vectors. In fact, it’s takinglonger to detect and longer to patch criticalvulnerabilities than last year. The cost andconsequences of this failure are myriad.

(more available)
Added: February 17, 2020
image from Worldwide Security Spending Guide

Worldwide Security Spending Guide

The Worldwide Security Spending Guide examines the security opportunity from a technology, industry, company size, and geography perspective. This comprehensive database delivered via IDC’s Customer Insights query tool allows the user to easily extract meaningful information about the security technology market by viewing data trends and relationships and making data comparisons.

(more available)
Added: February 14, 2020
image from X-Force Threat Intelligence Index

X-Force Threat Intelligence Index

X-Force Incident Response and Intelligence Services (IRIS) compiled IBM Security software and security services analyses from the past year, which show that 2019 was a year of reemerging old threats being used in new ways.

(more available)
Added: February 14, 2020
image from Cloud Threat Report: Putting the Sec in DevOps

Cloud Threat Report: Putting the Sec in DevOps

2020 edition of the Unit 42 Cloud Threat Report, ourteam of elite cloud threat researchers focused theirattention on the practices of DevOps. The research aimedto uncover where cloud vulnerabilities are surfacing.DevOps teams are shortening the time to productionusing infrastructure as code (IaC) templates. But the IaCtemplates themselves are not the issue. It’s the flawedprocess by which they are being created.

(more available)
Added: February 14, 2020
  • ««
  • «
  • 19
  • 20
  • 21
  • 22
  • 23
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 4, 2025 16:08 UTC (build b1d7be4)